This work is licensed under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.
1. Introduction
Internet of Things (IoT) [1] is one of the new popular technologies in the modern era whose security and confidentiality is still a controversial topic in this field. IoT primarily requires the precise mechanisms of confidentiality, integrity, authentication, and access control model. The current Internet is constantly under attack due to technical, legal, and human problems. This issue leads to hundreds of new security challenges that should be addressed in detail. Another challenge in this area is that the IoT applications are on the rise. In this article, a brief review of security issues related to IoT and the impact of this technology on the digital divide are presented. According to a May 2014 report by the Pew Research Center, the IoT will have significantly grown by 2025. According to a research by the Gartner Institute in 2020, nearly 26 billion identifiable devices could be part of this global computer network. According to Gartner, more than 50% of Internet connections are accomplished through IoTs. The market value of IoT equipment increased from less than $ 1 billion in 2015 to $ 48 billion in 2025. HIS Research also reports a 6-fold increase in sales of IoT products over the next decade. According to the agency forecasts, the supply of products, e.g., sensors for pedestrian identification and traffic status applications, estimates of the state, and amount of water and air pollution in 2026, will be 1.4 billion units. IHS predicts that the IoT market will grow from a base cost of 15.4 billion devices in 2015 to 30.7 billion in 2020 and 75.4 billion in 2025 [2]. Given the rapid growth in the number of IoT devices according to International Data Corporation (IDC), the market for IoT is expected to reach $ 41 billion by 2020 [3]. The security and privacy of IoT [4] are intended to protect against malicious attacks and any unauthorized use of users’ private information on the Internet, which has always been a major challenge in cyberspace. Theft of confidential information from the business servers, private photos from private clouds, and video content from IP-connected home cameras are typical examples of Internet hackers destroying security. Sharing personal shopping habits, disclosing people’s residential information, and giving personal details to unauthorized people are behaviors that affect privacy. The impact of the challenge will be certainly enhanced by increasing the number of IoT-connected devices and services. As security threats increase, users need new authentication techniques to increase security. Many applications and services have emerged in various monitoring, medical, military care, etc. Fields using IoT technology. Moreover, the rapid growth of the sensor industry in mobile and smart devices entails users’ permanent connection as a standard feature in the near future. As a result, the importance of IoT security and privacy is reported as an urgently necessary requirement, specifically for the IoT infrastructure with high level of security. Fingerprint is a reliable biometric feature that is addressed in a wide range of applications requiring authentication. Biometric systems such as fingerprints provide tools to create reliable reports and protect the privacy of authorized users [5].
In this paper, one or more of the biometric features such as fingerprint and multi-layer security architecture can be used to increase security and reliability of system from the security risk perspective. On the other hand, for the implementation of the proposed approach, the partial method and the Arduino hardware platform are used. This controller’s performance can be upgraded based on the algorithms to support a variety of IoT sensors and communication platforms. Furthermore, another improvement is the simultaneous use of biometric sensors and back-up communication paths to address security threats in each layer of the IoT. The main contributions of this paper are as follows:
(i) Security improvement by combining sensors for biometric features identification such as fingerprint sensors and voice biometric systems. The system can also be upgraded by other biometric features such as the user’s face.
(ii) IoT Controller section theory, where the Arduino controller is used with the capability of intelligence algorithms to resolve possible errors.
(iii) Security improvement in the IoT communication layer by applying redundant mechanisms for transferring information from the Arduino controller to the Internet infrastructure.
(iv) Security enhancement for user authentication and confirmation, a combination of password and biometric features are used to identify the person and allow access to the IoT. Along with simulating and implementing biometric identification models, cryptographic models are used to increase system security with the secure storage of biometric data. Biometric templates must be stored with a hash-based private key to merely provide access for the registered user.
(v) Recording biometric features should be done in a secure part of the reliable hardware so that it is not accessible to other users except the system administrator. The encrypted form of the biometric data is merely stored in the system. Moreover, once a user is erased, their biometric data are also erased from the device where rooting the device should not compromise the biometric data.
(vi) Using Markov model for improvement biometric authentication.
(vii) Combine hash algorithm with biometric technique for more security improvement.
The rest of this paper is structured as follows. Section 2 contains the research related to authentication and cryptography in the context of the Internet of Things. Using the Markov model, the improvement level of biometric securities compared with conventional password-based methods will be proven in Section 3. The proposed method and the related models are presented in Section 4. Simulation and details of simulation are given in Section 5 Finally, the conclusion is proposed in section six.
2. Related Work
In this section, the research study is reviewed from different perspectives of IoT security-related research based on fingerprint biometrics and the applied research in the area, such as medical research, is initially reviewed [6]. Then, the studies associated with IoT authentication and encryption are addressed accompanied by the reviewing the practical uses of security-sensitive applications Different types of platforms associated with security, such as cloud computing, the Arduino platform, and the cloud platform are reviewed.
In Ref. [7], a prototype-based framework for IoT-enabled health care systems is presented. The solution uses smart gateway architecture to facilitate data storage and processing, as well as the cloud as a support infrastructure for analysis and decision-making. The security of this solution depends on the security features and capabilities of the operating system. Another solution is suggested in Ref. [8]. In this context, Raspberry Pi devices are used as fog nodes. It is also guaranteed through the use of an authentication process based on the role of data confidentiality. In this context, the cloud environment is used to some extent for data storage. Also Ref. [9] discusses the hierarchical framework for use in the field of health along with the security of its data. In this method, information related to the analysis of health data is stored separately in the cloud and fog infrastructure. The solution also uses the MAPE-K-based model to support computations related to running various programs as well as data encryption. In addition, Ref. [10] suggests a low-energy health monitoring framework. This method is used to facilitate and secure the process of sending the analyzed IoT data to the fog environment. In this solution, IoT devices also have processing power and are able to process raw data. They also have the ability to discharge data to different nodes in order to reduce energy consumption. In the fog layer is a distributed database for classifying and securing data. Hu [11] Provides a security framework for use in face recognition systems. In this solution, a central cloud is responsible for managing all available resources. Small tasks are also unloaded to process the fog infrastructure. Upon completion of tasks in fog, only the results will be sent back to the cloud for analysis and storage. In Ref. [12], another framework has been developed to provide data-sharing capabilities for users. In this proposed framework, each user operation is managed by the core of the Spark platform embedded in the cloud environment. In this method, encryption and authentication techniques have been used to provide security. Finally, an one-pass architecture is proposed that proposes PaaS capability for combining fog nodes and IoT devices [13]. This method helps with messaging communications as well as authentication. This solution supports horizontal integration between gateways and cloud data centers as well as task migration. Table 1
Table 1
Shows summarizing the metrics and limitations of various methods.
| Method | Decentralized management | Security features | Platform independence | Ability to integrate in... | ||||
| Security | Authentication | Integrity | Cloud | Fog | IoT | |||
| Rahmani [7] | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ |
| Dubey [8] | ✓ | ✓ | ✓ | ✗ | ✗ | ✗ | ✓ | ✓ |
| Azimi [9] | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ |
| Gia [10] | ✓ | ✓ | ✓ | ✗ | ✗ | ✗ | ✓ | ✓ |
| Hu [11] | ✗ | ✗ | ✗ | ✗ | ✗ | ✓ | ✓ | ✓ |
| Suneetha et al. [12] | ✗ | ✗ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ |
| Jaberi, et.al. 2021 | ✗ | ✗ | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ |
| Proposed | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
The authors in Ref. [14] suggested a system including NodeMCU ESP8266 microcontroller with a Wi-Fi connection for IoT driver applications. Android applications have features such as history control, navigation, registration menu, and speech recognition control. In this research, system security consists of a unique biometric and speech authentication mechanism. However, compared with the mechanism in our paper, the suggested mechanism is proposed only in the layer of IoT sensors. Authors in their study designed a low-cost biometric system for IoT devices using limited resources to be able to save the memory and computation costs [15]. The suggested system utilizes an algorithm based on the block logic operation to reduce biometric property measurement. However, the introduced mechanism is only proposed in the layer of IoT sensors compared with the suggested one in our article.
In their study, Karimian et al. discuss the cost of using biometric systems and suggest frameworks for their improvement [16]. In this regard, Srianusha et al. proposed a system for fingerprint engine start. This system allows only authorized users to drive the vehicle via scanning their fingerprints. Users can enter the system and register by letting the system scan their fingerprints. In this research, Atmega 328 and esp8266 wifimodule microcontrollers are used. We can refer to the single-layer security mechanism approach in the sensors layer as one of the limitations of this study. In this paper, by considering the reviews regarding the related activities, in contrast with traditional security systems, we seek to utilize biometric properties on the platform of multi-layer security architecture. In other words, a multi-layer security architecture, including biometric features and coding systems, is proposed. In the first, second, and application IoT layers, fingerprint recognition algorithm, Hash algorithm, and hardware platforms for the Internet of things are used, respectively.
In Ref. [17] a lightweight algorithm is presented to ensure the security of the cloud computing environment. The proposed algorithm uses the 16 byte block encryption technique to encrypt the data. In this algorithm, Faistel network with permutation and replacement architecture are used to complicate the cryptographic process. This solution has the power to run with the length of the private key and the number of different cycles. The results of the evaluation indicate that the implementation time of the solution is low. But the problem with these private key-based solutions is that they require an encryption key exchange, which can compromise security and privacy. In Ref. [18] several different encryption techniques have been used to secure cloud storage space. For this purpose, an encryption system based on AES algorithm and asynchronous key transfer system for data or information exchange is provided. Elliptic curve encryption technique has also been used to exchange information between the user and the server. The solution has been able to achieve a relatively good execution time in the process of sending and receiving data, although in this evaluation, the volume of data is considered very small. The authors in Ref. [19] presented a two-step encryption solution to secure data storage in the cloud. In this solution, the main data are divided into two parts, which are encrypted by a common key. The cryptographic key is based on the model of chaos theory. This solution can increase the encryption time while increasing security, but the required time for splitting and combining data has not been investigated. In Ref. [20], blockchain is used for a security solution based on cloud computing. Accordingly, to ensure data security, data are stored in the form of blockchain blocks. For any data to be stored in block form, it will require the approval of more than half of the servers, so it will be virtually impossible to make unwanted changes. But this type of security will have problems; for example, if the user wants to delete or change the data, it will be very costly. Another problem is how to store different types of data in the form of blockchain blocks because the blockchain is originally designed to store data related to transactions. In Ref. [21], the performance of some symmetric cryptographic algorithms has been studied in terms of runtime parameters and memory consumption. The results show that DES and Blowfish algorithms are more efficient in encryption and decryption time as well as memory consumption. The articles [22, 23] provide an overview of the most important cryptographic solutions that can be used in cloud computing and the Internet of Things. The results of these studies indicate the need for algorithms and solutions that can create a kind of compromise between security and service quality parameters, so that due to the limited resources of processing nodes in the IoT devices, the use of encryption technique has the least negative impact on providing services.
Authors in Ref. [24] provides a secure decision-making solution for the Internet of Things based on cloud computing. Accordingly, machine learning alongside IoT based on fog computing has been used to provide a safe experience in healthcare systems. Blockchain has also been used to secure the framework. In this solution, data related to patients’ physiological signals are first collected using intelligent devices and sent to fog nodes. In this case, the fog nodes use their processing power to use machine learning to examine the physiological signals received and to make decisions about patients who may have problems. After the diagnosis of this group of patients, a warning message is sent to the relevant doctor. In this case, blockchain is used to secure the data stream. The authors in Ref. [25] provided a survey on IoT-based healthcare system. For this purpose, a comprehensive review of the applications, problems, and challenges of these systems has been conducted. The result of this study is the need for the development of traditional health models with the help of IoT infrastructure. In this way, a permanent connection can be established between the patient and the medical centers through IoT sensors. But, in the meantime, there are security and privacy challenges that require new research and solutions to provide secure algorithms that require low resources.
Also in Table 2 contribution of some related works are shown.
Table 2
Related works in the field of IoT security.
| Reference paper | Year | Contribution |
| [17] | 2021 | In this solution, a lightweight algorithm based on block cryptography is used to provide security in fog computing. |
| [19] | 2020 | A two-step encryption solution is provided to secure the data stored in the cloud. In this solution, the main data are divided into two parts, which are encrypted by a common key. |
| [22] | 2020 | In this article, the authors provide an overview of the most important cryptographic solutions that can be used in fog computing. The results of these studies indicate the need for algorithms and solutions that can create a kind of compromise between security and service quality parameters. |
| [24] | 2020 | A framework for use in health care systems along with machine learning for decision-making based on patient data is provided. Also, blockchain has been used to secure the data stream. |
| [26] | 2020 | This paper first examines the infrastructure, protocol, and application of the Internet of Things. Then, security problems in the IoT environment are expressed. It also identifies some emerging techniques that can be used to address IoT security issues. In this study, the authors conclude that machine learning, blockchain, and artificial intelligence are the new approaches to solving the problem of IoT security. |
| [14] | 2020 | The authors provided a system including a microcontroller with android application that has features for history control and speech recognition. For securing this system, they are using a unique biometric and speech authentication mechanism. |
| [15] | 2019 | Authors in this paper provided a low-cost biometric system for IoT devices that used limited resources to reduce memory and computation costs. The proposed system utilizes an algorithm based on the block logic operation to reduce biometric property measurement. |
| [21] | 2019 | A number of symmetric cryptographic algorithms have been investigated in terms of performance. Solutions in terms of runtime parameters and memory consumption have been investigated. The purpose of this study was to determine the capabilities and limitations of each cryptographic algorithm. |
| [18] | 2018 | In this research, an encryption system based on AES algorithm and asynchronous key transfer system for data exchange is presented. This solution can be used to secure infrastructure with limited processing resources. |
| [20] | 2018 | Blockchain has been used as a security solution based on cloud computing. To ensure data security, data are stored in the form of blockchain blocks. |
3. Biometric Security Using Markov Model
In the traditional systems, security depended on password-based approaches. In this section, the level of security improvement in biometric-based systems compared with traditional password methods will be proven.
In order to evaluate the security, we introduce a Markov process to describe a security attack model based on the Markov transition matrix. A security threat is a stochastic process; therefore, we model it as a Markov chain.
3.1. Two-State Markov Model
The probability of transition from one state to another is defined based on the vulnerabilities present in the current state. An attacker misuses various vulnerabilities to reach a security threat state and, ultimately, reaches the ultimate failure. Not applying security measures, the system has two states, as shown below:
(i) S state for secure state
(ii) F state for failure state
3.1.1. Two-State Markov Model in the State of Inability for Recovering Security Threat
In the Markov model shown below, “a” probability indicates the probability of transition from a secure state to a failure state. Since in this model, recovering the security threat is not possible, the system enters the failure state (fault state) during the security threat. In the Markov chain, the sum of probabilities of outgoing edges from each state is equal to one (see Figure 1).
[figure omitted; refer to PDF]
The probabilities of transition between states in the Markov model are as follows:
(i) Probability “a”: indicates the probability of transition from a secure state of the system to a threat state.
(ii) Probability “b”: indicates the probability of threat elimination and return of the system from a threat state to a secure state.
(iii) Probability “c”: indicates the probability of transition from the system’s threat state to failure state and occurrence of security error (in the case of not identifying the security threat).
(iv) Probability “d”: indicates the probability of return of the system from security error occurrence state to threat state (detection of security threat).
(v) Probability “e”: indicates the probability of return and recovery of the system from security error occurrence to secure state (detection and correction of security threat).
This security model contains every element of a security attack, including attack, defense, and system recovery. In this article, due to some reasons, we will not introduce the direct transition from state S to state F, because several stages exist for the detection and correction of security threats in the proposed mechanism.
Since security threats, as error occurrence factors, lead to the system entering an undesired state, there are two states of detection and correction to deal with security threats.
In the above model, probabilities “b” and “d” indicate the correction probabilities of the security threats (probability “b” indicates the probability for system return from a threat state to a secure state after correction of the threat state and probability “d” indicates the probability of system return from security error occurrence to threat state in the case of error correction of the threat state).
3.3. Transition Probability Matrix for States of Security Evaluation
The transition probability matrix for a Markov chain with n states is a n × n matrix in which the element p[i, j] is the probability of transition from state i to state j in the range [1, 28].
3.3.1. Transitions Probability Matrices of the Two-State Markov Model in the Mode of the Impossibility of Security Threat Recovery
In the transition probability matrix, the sum of values of each row is equal to one. Hence, based on the Markov chain, the transition probability matrix is obtained, as shown in Figure 4.
[figure omitted; refer to PDF]
As shown in Figure 8, a fingerprint image is captured by a scanner or sensor and the sensor converts it into a data format.
[figure omitted; refer to PDF]
The Nest Scenario is similar to the baseline scenario based on the hardware perspective except that the VeriFinger fingerprint identification algorithm is used. A set of minutiae points is used in the VeriFinger fingerprint identification algorithm. The first step in fingerprint authentication is fingerprint image sampling. In the fingerprint sensor, the characteristics of the points with the matched fine lines are taken from the fingerprint image, and they are referred to as minutiae points. In biometrics and fingerprint scanning, minutiae refer to specific plot points on a fingerprint. This includes characteristics such as ridge bifurcation or a ridge ending on a fingerprint. These features store each individual finger in a database and differentiate them from other recorded fingerprints. Fingerprint is initially matched with the entries in the database which have general features similar to the tested fingerprint. If the matching operation with this group does not produce a positive result, the next record with the most similar general features would be selected and the process continues with the same basis until either the successful result is achieved or the end of the database is announced.
Three fingerprint samples are taken from one finger to produce more accurate and higher quality results. Each of the three images is processed to extract its features. The three sets of features are then analyzed and subdivided into a single set of features written in the database. Accordingly, the recorded features will be more reliable and the fingerprint identification quality is significantly enhanced. The flowchart in Figure 9 illustrates the VeriFinger fingerprint identification algorithm step by step.
[figure omitted; refer to PDF]
The fingerprint sensor and encryption in this scenario are combined with the MD5 algorithm. The MD5 algorithm returns a 128-bit digital fingerprint as an output where the message means the biometric feature of the IoT user (see Table 3).
Table 3
Comparing the characteristics of MD5 and SHA1 algorithms.
| Function | MD5 | SHA1 |
| Block length | 512 bit | 512 bit |
| Algorithm length | 128 bit | 160 bit |
| Rotation steps | 64 steps | 80 steps |
| Initialization variables | 4 | 5 |
| Collision complexity | 254 | 280 |
4.3. Third Layer of Architecture: IoT Controller
User authentication based on each one of the biometric properties, such as voice biometric and cryptosystem, is according to the below items:
IoT controller supports below elements regarding encryption algorithms.
(i) Authenticated encryption with associated data (AEDA): GCM, EAX, ChaChaPoly
(ii) Encrypted blocks: AES256, AES192, AES128
(iii) Encryption modes: XTS, GCM, EAX, CTR
(iv) Hash algorithms: BLAKE2b, BLAKE2s, SHA3_512, SHA3_256, SHA512, SHA256
(v) Extendable output functions: SHAKE256, SHAKE128
(vi) Message authentication: MAC-, GHASH, Poly1305
(vii) Public-key algorithms: P521, Ed26619, Curve25519
(viii) Random number generation: RNG
Based on the statistics of Ref. [6], the application of some of these algorithms is listed as follows:
Encryption algorithms
Hash algorithms
Authentication algorithms
4.4. Combining Biometric and Hashing
Multiple authentication to enhance user authentication along with coding mechanisms has been proposed as a new approach in this study. Primary authentication is done using biometric identification, which demonstrates the highest level of security compared to other methods of identification. The main advantage of this approach is reported to provide unique information, i.e., the biological features of the individuals, and remove the problem of replay attacks. The use of encryption-based systems also prevents replay attacks and eavesdropping. The proposed architecture includes the following components:
(i) Biometric authentication by scanning the relevant biological features
(ii) Sending the scan result to the database
(iii) Encrypting the data to the database
(iv) Comparing the encrypted data with the samples in the database
(v) Performing the compliance and authenticity steps
(vi) Approving and allowing the user to communicate in case of matching
(vii) Monitoring of the IoT data
To improve security, the security threats are classified as follows:
(i) Security threats in the identification layer
(ii) Security threats of the control algorithms
(iii) Security threats in the network communications layer (IoT Infrastructure)
Figure 11 shows how to combine biometric and hashing features to increase security:
[figure omitted; refer to PDF]
Schematic of IoT implementation based on fingerprint biometrics is illustrated in Figure 13:
[figure omitted; refer to PDF]
Considering the evaluation results, the VeriFinger algorithm and encryption algorithms both affect the security authentication on the Internet of things. These parameters are selected based on the interactions between security, efficiency, and system cost. From the perspective of VeriFinger algorithm modules, U.are.U 5100 and Verifier 300 modules have the most and least level of security. For moderate security purposes, the FS80 module can be used based on efficiency and costs.
The fingerprint identification algorithm of VeriFinger is evaluated regarding authentication mechanisms; on the other hand, the efficiency and security of this algorithm are dependent on other fingerprint modules. In this regard, based on the agreement accuracy and agreement speed of fingerprint reading, U.are.U 5100 module has more security than modules FS80 and Verifier 300. Hence, in the following sections, the fingerprint recognition authentication mechanisms are simulated based on the U.are.U 5100 module. Concerning Hash mechanisms, the strongest Hash mechanism is based on security evaluation in different conditions of algorithms, namely, MD5 and SHA1.
To check the performance of the MD5 and SHA1 encoding algorithms, the encoding time parameter is used, which is a function of the fingerprint file size (see Figure 14).
[figure omitted; refer to PDF]
Comparing the computation time required for MD5 algorithm coding relative to SHA1 is 63.21% on average (see Table 6).
Table 6
Summary of comparing the time required for coding.
| File size(KB) | Time MD5/SHA1 (%) |
| 8 | 67.65 |
| 16 | 69.35 |
| 32 | 36.63 |
| 64 | 74.07 |
| 128 | 52.85 |
| 256 | 66.88 |
| 512 | 67.56 |
| 1024 | 70.70 |
| Average | 63.21 |
Thus, by applying the biometric properties and a combination of applied innovations in IoT layers, the probability of security problems reduced by 90.71% on average. On the other hand, to keep the efficiency of these MD5 and SHA1 algorithms from the perspective of the time required for coding, using the MD5 algorithm, leads to a 63.21% reduction in the delay time of system efficiency improvement.
5.3. Evaluation of the Two Proposed Methods
Based on the study [29], the security resulted from traditional systems, such as password compared with biometric properties, like the fingerprint, as shown in Table 7.
Table 7
Evaluation of Users’ accounts.
| Security rating | Password (%) | Fingerprint (%) |
| Very secure | 23.4 | 31.9 |
5.3.1. Evaluation of Security of the Two-State Markov Model in the State of the Impossibility of Security Threat Recovery
Before the suggested mechanism and impossibility of security threat, concerning the obtained equation, the probability of the system being at the hacking state and firewall failure is obtained from the below relationship:
Based on different values of a, which is the occurrence probability of security threat, and initial value of P(S0), which according to the security results of traditional systems, is assumed as password and biometric property, two tables are generated, as shown below. It should be noted that the initial value of P(F0) is the supplement of state P(S0). See Tables 8 and 9.
Table 8
Evaluation of security in the first model of Markov with the assumption of using password.
| a | P(S0) | P(F0) | P(F) |
| 0.10 | 23.4 | 76.6 | 78.94 |
| 0.20 | 23.4 | 76.6 | 81.28 |
| 0.30 | 23.4 | 76.6 | 83.62 |
| 0.40 | 23.4 | 76.6 | 85.96 |
| 0.50 | 23.4 | 76.6 | 88.3 |
| 0.60 | 23.4 | 76.6 | 90.64 |
| 0.70 | 23.4 | 76.6 | 92.98 |
| 0.80 | 23.4 | 76.6 | 95.32 |
| 0.90 | 23.4 | 76.6 | 97.66 |
Table 9
Evaluation of security in the first model of Markov with the assumption of using fingerprint biometric.
| a | P(S0) | P(F0) | P(F) |
| 0.10 | 31.9 | 68.1 | 71.29 |
| 0.20 | 31.9 | 68.1 | 74.48 |
| 0.30 | 31.9 | 68.1 | 77.67 |
| 0.40 | 31.9 | 68.1 | 80.86 |
| 0.50 | 31.9 | 68.1 | 84.05 |
| 0.60 | 31.9 | 68.1 | 87.24 |
| 0.70 | 31.9 | 68.1 | 90.43 |
| 0.80 | 31.9 | 68.1 | 93.62 |
| 0.90 | 31.9 | 68.1 | 96.81 |
The probability of system failure and security hacking of the first Markov model in two states of using password compared with using fingerprint biometric can be observed in Figure 15.
[figure omitted; refer to PDF]
The relative comparison of results is observed in Table 16:
Table 16
Comparison results.
| Security threat (%) | System security improvement (relative to each layer) | ||
| Layer 1: Biometric in sensor layer | Layer 2: Hashing in IoT controller | Layer 3: Application layer | |
| 10 | 101.33 | 101.33 | 122.80 |
| 20 | 102.32 | 103.29 | 130.58 |
| 30 | 102.08 | 105.84 | 133.46 |
| 40 | 102.72 | 106.20 | 136.66 |
| 50 | 105.14 | 109.91 | 139.73 |
| 60 | 107.13 | 111.98 | 143.80 |
| 70 | 108.75 | 116.25 | 154.07 |
| 80 | 112.41 | 119.26 | 164.19 |
| 90 | 114.22 | 120.04 | 174.83 |
| Average | 106.23 | 110.45 | 144.46 |
| 120.38 | |||
6. Conclusion
IoT is expected to expand user connectivity and ease daily life; however, serious security challenges are considered in using this technology for distributed authentication. Moreover, integrating with biometrics in IoT design raises concerns about the cost and implementation of a user-friendly design. Furthermore, user authentication in the IoT environment is one of the most important challenges, especially in accessing important data. Current user authentication approaches on the IoT are either less flexible or inflexible. For authentication, the security of password-based systems decreases over time due to human error and the complexity of malicious attacks. According to the proposed mechanism in this paper, which is a combination of biometrics and coding, the security of the system has been improved by an average of 96.82%. Based on simulation states, the proposed method improves the system security by 120.38% on average, which shows 106.23, 110.45 and 144.46% improvement for the IoT sensor layer, controller layer and application layer, respectively [30–35].
[1] P. Aufner, "The IoT security gap: a look down into the valley between threat models and their implementation," International Journal of Information Security, vol. 19 no. 1,DOI: 10.1007/s10207-019-00445-y, 2019.
[2] Gartner, “Gartner Says the Internet of Things Will Transform the Data Center, (2014 http://www.gartner.com/newsroom/id/2684616
[3] IoT. Analytics, “Why the Internet of Things Is Called Internet of Things: Definition, History, Disambiguation,” (2014) https://iot-analytics.com/internetof-things-definition
[4] D. Ferraris, C. Fernandez-Gago, "TrUStAPIS: a trust requirements elicitation method for IoT," International Journal of Information Security, vol. 19,DOI: 10.1007/s10207-019-00438-x, 2019.
[5] M. Trik, S. Pour Mozafari, A. M. Bidgoli, "An adaptive routing strategy to reduce energy consumption in network on chip," Journal of Advances in Computer Research, vol. 12 no. 3,DOI: 10.1155/2021/8338903, 2021.
[6] H.-T. Nguyen, Q.-D. Ngo, V.-H. Le, "A novel graph-based approach for IoT botnet detection," International Journal of Information Security, vol. 19,DOI: 10.1007/s10207-019-00475-6, 2019.
[7] A. M. Rahmani, "Exploiting smart e-Health gateways at the edge of healthcare Internet-of-Things: a fog computing approach," Future Generation Computer Systems, vol. 78, pp. 641-658, DOI: 10.1016/j.future.2017.02.014, 2018.
[8] H. Dubey, "Fog computing in medical internet-of-things: architecture, implementation, and applications," Handbook of Large-Scale Distributed Computing in Smart Healthcare, 2017.
[9] I. Azimi, "HiCH: hierarchical fog-assisted computing architecture for healthcare IoT," ACM Transactions on Embedded Computing Systems, vol. 16,DOI: 10.1145/3126501, 2017.
[10] T. N. Gia, "Low-cost fog-assisted health-care IoT system with energy-efficient sensor nodes," Proceedings of the 2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC),DOI: 10.1109/iwcmc.2017.7986551, .
[11] P. Hu, "Fog computing based face identification and resolution scheme in internet of things," IEEE Transactions on Industrial Informatics, vol. 13, pp. 1910-1920, 2016.
[12] V. Suneetha, S. Suresh, J. Viswa, "A novel framework using Apache spark for privacy preservation of healthcare big data," Proceedings of the 2020 2nd International Conference on Innovative Mechanisms for Industry Applications (ICIMIA),DOI: 10.1109/icimia48430.2020.9074867, .
[13] S. Jebri, "lightweight Algorithm to secure data transmission in IoT systems," Wireless Personal Communications, vol. 116, pp. 2321-2344, DOI: 10.1007/s11277-020-07792-3, 2021.
[14] F. Afandi, R. Sarno, "Android application for advanced security system based on voice recognition, biometric authentication, and internet of things," Proceedings of the 2020 International Conference on Smart Technology and Applications (ICoSTA),DOI: 10.1109/ICoSTA48221.2020.1570615292, .
[15] W. Yang, S. Wang, G. Zheng, J. Yang, C. Valli, "A privacy-preserving lightweight biometric system for internet of things security," IEEE Communications Magazine, vol. 57 no. 3, pp. 84-89, DOI: 10.1109/MCOM.2019.1800378, 2019.
[16] N. Karimian, M. Tehranipoor, D. Woodard, D. Forte, "Unlock your heart: next generation biometric in resource-constrained healthcare systems and IoT," IEEE Access, vol. 7, pp. 49135-49149, DOI: 10.1109/ACCESS.2019.2910753, 2019.
[17] F. Thabit, "A new lightweight cryptographic algorithm for enhancing data security in cloud computing," Global Transitions Proceedings, vol. 2, pp. 91-99, DOI: 10.1016/j.gltp.2021.01.013, 2021.
[18] A. Hussain, C. Xu, M. Ali, "Security of cloud storage system using various cryptographic techniques," International Journal of Mathematics Trends and Technology, vol. 60, pp. 45-51, DOI: 10.14445/22315373/ijmtt-v60p509, 2018.
[19] R. F. Abdel-Kader, S. H. El-Sherif, R. Y. Rizk, "Efficient two-stage cryptography scheme for secure distributed data storage in cloud computing," International Journal of Electrical and Computer Engineering, vol. 10, 2020.
[20] C. Esposito, "Blockchain: a panacea for healthcare cloud-based data security and privacy," IEEE Cloud Computing, vol. 5, pp. 31-37, DOI: 10.1109/mcc.2018.011791712, 2018.
[21] Wani, Q. P. Abdul Raoof, "Performance evaluation and analysis of advanced symmetric key cryptographic algorithms for cloud computing security," Soft Computing: Theories and Applications, 2019.
[22] V. Agarwal, A. K. Kaushal, L. Chouhan, "A survey on cloud computing security issues and cryptographic techniques," Social Networking and Computational Intelligence, 2020.
[23] B. Umapathy, "A survey ON cryptographic algorithm for data security IN cloud storage environment," European Journal of Molecular & Clinical Medicine, vol. 7 no. 9, 2020.
[24] A. Banerjee, "A secure IoT-fog enabled smart decision making system using machine learning for intensive care unit," Proceedings of the 2020 International Conference on Artificial Intelligence and Signal Processing (AISP),DOI: 10.1109/aisp48273.2020.9073062, .
[25] K. Jaiswal, V. Anand, "A survey on IoT-based healthcare system: potential applications, issues, and challenges," Advances in Biomedical Engineering and Technology, 2021.
[26] B. K. Mohanta, "Survey on IoT security: challenges and solution using machine learning, artificial intelligence and blockchain technology," Internet of Things, vol. 11,DOI: 10.1016/j.iot.2020.100227, 2020.
[27] N. T. Le, D. B. Hoang, "Security threat probability computation using Markov chain and common vulnerability scoring system," Proceedings of the 28th International Telecommunication Networks and Applications Conference (ITNAC),DOI: 10.1109/atnac.2018.8615386}, .
[28] H. A. Kholidy, A. Erradi, S. Abdelwahed, A. Azab, "A finite state hidden Markov model for predicting multistage attacks in cloud systems," Proceedings of the 2014 IEEE 12th International Conference on Dependable, Autonomic and Secure Computing, pp. 14-19, .
[29] H. Wimberly, L. M. Liebrock, "Using Fingerprint Authentication to Reduce System Security: An Empirical Study," Proceedings of the IEEE Symposium on Security and Privacy, .
[30] V. A. Bharadi, G. M. DSilva, . Online Signature Recognition Using Software as a Service (SaaS) Model on Public Cloud. 2015 International Conference on Computing Communication Control and Automation, (2015)
[31] D. Choi, S. Seo, Y. Oh, Y. Kang, "Two-factor fuzzy commitment for unmanned IoT devices security," IEEE Internet of Things Journal, vol. 6 no. 1, pp. 335-348, DOI: 10.1109/JIOT.2018.2837751, 2019.
[32] A. F. Jabeen, "Development and implementation using Arduino and Raspberry Pi based Ignition control system," Advances in Computational Sciences and Technology, vol. 10 no. 7, pp. 1989-2004, 2017.
[33] M. Mehrnezhad, E. Toreini, S. F. Shahandashti, F. Hao, "Stealing PINs via mobile sensors: actual risk versus user perception," International Journal of Information Security, vol. 17 no. 3, pp. 291-313, DOI: 10.1007/s10207-017-0369-x, 2017.
[34] R. Vijaysanthi, N. Radha, M. J. Shree, V. Sindhujaa, "Fingerprint authentication using raspberry Pi based on IoT," Proceedings of the 2017 International Conference on Algorithms, Methodology, Models and Applications in Emerging Technologies (ICAMMAET),DOI: 10.1109/icammaet.2017.8186737, .
[35] M. Trik, S. Pour Mozaffari, A. M. Bidgoli, "Providing an adaptive routing along with a hybrid selection strategy to increase efficiency in NoC-based neuromorphic systems," Computational Intelligence and Neuroscience, vol. 2021,DOI: 10.1155/2021/8338903, 2021.
You have requested "on-the-fly" machine translation of selected content from our databases. This functionality is provided solely for your convenience and is in no way intended to replace human translation. Show full disclaimer
Neither ProQuest nor its licensors make any representations or warranties with respect to the translations. The translations are automatically generated "AS IS" and "AS AVAILABLE" and are not retained in our systems. PROQUEST AND ITS LICENSORS SPECIFICALLY DISCLAIM ANY AND ALL EXPRESS OR IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION, ANY WARRANTIES FOR AVAILABILITY, ACCURACY, TIMELINESS, COMPLETENESS, NON-INFRINGMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Your use of the translations is subject to all use restrictions contained in your Electronic Products License Agreement and by using the translation functionality you agree to forgo any and all claims against ProQuest or its licensors for your use of the translation functionality and any output derived there from. Hide full disclaimer
Copyright © 2022 Masoud Moradi et al. This work is licensed under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.
Abstract
The Internet of Things (IoT) is reported as a main research topic in the current decade. It will be possible to connect smart devices to each other using IoT, a platform such as the Internet. However, the expansion and intrusion of such a large network raises some new security issues and risks related to the disclosure of user confidential information where these devices are subject to hacker threats and intrusions. Traditional security systems were password based. In this paper, after reviewing the actions taken in this regard, the improvement level of biometric security compared with traditional password-based methods will be proven in section three using the Markov model. By considering the results of the evaluation, the probability of occurrence of security problems is decreased by 90.71% by applying biometric features. Then, multi-layer security architecture with biometric features and coding systems is suggested to increase security. In the first layer, the fingerprint recognition algorithm is dependent on the module, and the U.are.U 5100 module provides more security than others. In the second layer, the Hash mechanism of the MD5 algorithm is, on average, 63.21% more efficient. By determining the properties of the first two architectural layers and ultimately for the IoT application layer, empirical methods and hardware platforms for the Internet of things are used. Concerning the simulation results, the suggested mechanism enhances the system security by 120.38% on average, which is 106.23, 110.45, and 144.46% of relative improvement compared with IoT sensors, controller layer mechanisms, and application layer mechanisms, respectively.
You have requested "on-the-fly" machine translation of selected content from our databases. This functionality is provided solely for your convenience and is in no way intended to replace human translation. Show full disclaimer
Neither ProQuest nor its licensors make any representations or warranties with respect to the translations. The translations are automatically generated "AS IS" and "AS AVAILABLE" and are not retained in our systems. PROQUEST AND ITS LICENSORS SPECIFICALLY DISCLAIM ANY AND ALL EXPRESS OR IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION, ANY WARRANTIES FOR AVAILABILITY, ACCURACY, TIMELINESS, COMPLETENESS, NON-INFRINGMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Your use of the translations is subject to all use restrictions contained in your Electronic Products License Agreement and by using the translation functionality you agree to forgo any and all claims against ProQuest or its licensors for your use of the translation functionality and any output derived there from. Hide full disclaimer
Details
; Mohammad Bagher Tavakoli 1 1 Department of Electrical Engineering, Arak Branch, Islamic Azad University, Arak, Iran
2 Department of Electrical Engineering, Ilam Branch, Islamic Azad University, Ilam, Iran