The use of lightweight and light weight block ciphers in the Internet of Things is inevitable. Recently, Midori64 has received a lot of attention among other lightweight ciphers due to its very low power consumption. Midori64 security has been threatened by various attacks, including side channel attacks. One of the types of side channel attacks is correlation power analysis, in which an attacker can discover the encryption key by using the power leak of the cryptographic chip while the algorithm is running, data being processed and operations being executed. Masking against power analysis attacks is known as one of the most effective methods of cryptographic algorithms. The purpose of the mask is to disrupt the relationship between power consumption and ongoing operations. In this paper, an implemented version of the Midori64 code on an Atmega32 AVR micro-controller is attacked by correlation power analysis, and an encryption key with 300 blocks of plain text is discovered. After masking the Midori64 with the Boolean masking method, the attack was performed again, and the experimental results showed that the Boolean masking method could prevent key discovery.

Today, establishing a reliable communication path between devices in low power and lossy networks (LLNs) has become a big challenge. Routing protocol for low power and lossy networks (RPL) is used as a standard routing protocol in LLN networks. The RPL protocol, located at the network layer, uses the objective function to select the optimal path. Due to the fact that various attacks may be created in the routing process, hence the need to pay attention to reliable and trusted routing has become one of the most important and up-to-date research issues. For this reason, in this research, a reliable routing method based on RPL for the Internet of Things is presented. The advantages of the proposed method compared to other methods are that, on the one hand, the rate of lost packets has decreased, and on the other hand, the stability of a node is higher in relation to rank changes. Finally, Cooja simulator has been used to evaluate the proposed method.

Fog is a cloud that closes to the ground. The components of fog and cloud complement each other. These components provide mutually beneficial interdependent services for communication, processing, control, and storage across the network. Attacking the fog nodes are as important as attacking the cloud. Since the fog node has more limited resources, it is more targeted by intruders. In addition, fog nodes are more attractive to attackers because they have less computing power and are located closer to the attacker than the cloud. But the key point is that access to limited resources makes it easier to save the fog node because the fog does not have the complexities of the cloud, and it is easy to run an intrusion detection system on it. In this article, focusing on the resource limitation in the fog node, we will invent a method to save the fog node. In the proposed method, the support vector machines (SVMs) technique is used. Among the advantages of using the support vector machine, we can mention not being trapped in local optima, solving the over fitting problem, and ease of working with high-dimensional data. Based on the research, support vector machine is the most widely used machine learning method for Internet of Things security articles in the literature. In this article, in order to conduct tests, according to published global statistics, the most important category of web attacks, i.e. SQL injection attacks, is considered. The average detection accuracy is obtained and the results of the evaluations indicate the acceptable efficiency of the proposed method.

With the advancement and development of Internet of Things (IoT) applications, the need for securing infrastructure in this domain has gained particular importance due to the limitations of computational and storage resources. Botnets are among IoT security challenges in which, by infecting computational nodes of this technology, they are capble of turning the network into a collection of compromised machines under the control of attackers. This paper proposes an anomaly detection system based on ensemble learning to prevent and identify IoT botnet attacks at the initial scanning stage and DDoS attacks. This system uses feature selection and optimal hyperparameter tuning for each classifier to increase model accuracy and prevent overfitting. The data used in this paper is taken from the BoT-IoT dataset, which covers activities related to different stages of the botnet lifecycle. For feature selection and classification, two ensemble learning algorithms, LightGBM and Random Forest, are used, and hyperparameter optimization is performed using the TPE method. Results demonstrated that the LightGBM algorithm achieved an error rate of 0.98% and an accuracy of 99.02%, while the Random Forest algorithm exhibited an error rate of 0.01% and an accuracy of 99.99%, indicating highly satisfactory performance in attack detection. The proposed models, with increased training and prediction time, have offered significantly higher accuracy compared to previous models.

Privacy preservation in healthcare monitoring systems has always been a concern for both patients and doctors. To address this issue, many protocols have been designed. In this article, we examine the proposed scheme by Nasr Esfahani and colleagues, evaluating it from a security perspective. Their proposed scheme uses a three-layer hierarchical template chain to store and maintain critical medical information of patients in a centralized and secure manner. Additionally, by using Zero-Knowledge Proof (ZKP) and ring signature methods, they demonstrate that their scheme protects medical data against both internal and external attacks. According to potential scenarios, the Nasr Esfahani et al. protocol has shown good performance against many attacks, such as storage attacks and replay attacks, but it is vulnerable to integrity violation attacks. The success probability of the attacks presented in this article is one, and the complexity is only a single execution of the protocol.