Search Results (173)

This paper presents the Mobility-Aware Client Selection (MACS) strategy, developed to address the challenges associated with client mobility in Federated Learning (FL). FL enables decentralized machine learning by allowing collaborative model training without sharing raw data, preserving privacy. However, client mobility and limited resources in IoT environments pose significant challenges to the efficiency and reliability of FL. MACS is designed to maximize client participation while ensuring timely updates under computational and communication constraints. The proposed approach incorporates a Mobility Prediction Model to forecast client connectivity and resource availability and a Resource-Aware Client Evaluation mechanism to assess eligibility based on predicted latencies. MACS optimizes client selection, improves convergence rates, and enhances overall system performance by employing these predictive capabilities and a dynamic resource allocation strategy. The evaluation includes comparisons with advanced baselines such as Reinforcement Learning-based FL (RL-based) and Deep Learning-based FL (DL-based), in addition to Static and Random selection methods. For the CIFAR dataset, MACS achieved a final accuracy of 95%, outperforming Static selection (85%), Random selection (80%), RL-based FL (90%), and DL-based FL (93%). Similarly, for the MNIST dataset, MACS reached 98% accuracy, surpassing Static selection (92%), Random selection (88%), RL-based FL (94%), and DL-based FL (96%). Additionally, MACS consistently required fewer iterations to achieve target accuracy levels, demonstrating its efficiency in dynamic IoT environments. This strategy provides a scalable and adaptable solution for sustainable federated learning across diverse IoT applications, including smart cities, healthcare, and industrial automation. Full article

The introduction of blockchain sharding technology in IIoT (Industrial Internet of Things) can leverage the scalability, decentralization, and immutability of blockchain to significantly enhance security. However, existing IIoT operations are highly correlated with business and geographical locations, as well as network conditions, making traditional random sharding schemes unsuitable for such scenarios. To address this issue, we propose the FLPShard model, a method that transforms the sharding problem into a single-source capacitated facility location problem (SSCFLP). FLPShard can handle multiple constraints simultaneously and allows multiple nodes to be bundled and allocated as a whole, meeting the demands of IIoT. By constructing neighborhoods during the dynamic adjustment process, we achieve dynamic incremental updates and automatic splitting of blockchain shards. We evaluated FLPShard by building a system prototype, and the results show that, compared to random sharding algorithms, FLPShard significantly increases system throughput and greatly reduces transaction latency. Full article

The rapid advancement of the Internet of Things (IoT) and mobile devices has made location-based services (LBSs) increasingly prevalent, significantly improving daily convenience and work efficiency. However, this widespread usage has raised growing concerns about privacy and security, particularly during data outsourcing to cloud servers, where users’ location information and related data are susceptible to breaches by malicious actors or attackers. Traditional privacy-preserving spatial keyword schemes often employ Bloom filters for data encoding and storage. While Bloom filters offer high lookup speeds, they suffer from limitations such as a relatively high false positive rate in certain scenarios and poor space efficiency. These issues can adversely affect query accuracy and overall user experience. Furthermore, existing schemes have not sufficiently addressed the multi-attribute characteristics of spatial textual data. At the same time, relying solely on cloud servers for large-scale data processing introduces additional challenges, including heavy computational overhead, high latency, and substantial communication costs. To address these challenges, we propose a cloud–edge collaborative privacy-preserving dynamic spatial keyword query scheme with multi-attribute cost constraints. This scheme introduces a novel index structure that leverages security-enhanced Xor filter technology and Geohash techniques. This index structure not only strengthens query security and efficiency but also significantly reduces the false positive rate, thereby improving query accuracy. Moreover, the proposed scheme supports multi-attribute cost constraints and dynamic data updates, allowing it to adapt flexibly to practical requirements and user-specific needs. Finally, through security analysis and experimental evaluation, we demonstrate that the proposed scheme is both secure and effective. Full article

Modern mobility faces increasing challenges, like carbon-free transportation and the need for flexible transportation solutions. The U-Shift II project addresses these problems through a modular electric vehicle architecture, a drive unit (Driveboard) and a vehicle body (Capsule). This separation offers high flexibility in different use cases. Current architecture paradigms, like AUTOSAR, face limitations in cost and development speed. To address these issues, this paper introduces a hybrid software architecture that integrates signal-oriented architecture (e.g., CAN bus) with service-oriented architecture for enhanced flexibility. A integral component of the hybrid architecture is the dynamic link system, which bridges these architectures by dynamically integrating Capsule-specific components into the Driveboard software stack during runtime. The performance of the developed systen and its functionality were evaluated using a hardware setup integrated into a Driveboard prototype. The dynamic link aystem was evaluated including latency measurements, as well as functionality tests. Additionally, a cloud-based reconfiguration process enhances the versatility of the Driveboard by allowing for over-the-air software updates and resource allocation. The results show a promising hybrid, reconfigurable E/E architecture that aims to enable a robust transition towards a pure service-oriented architecture required in future electric autonomous vehicles. Full article

Emerging edge devices are transforming the Internet of Things (IoT) by enabling more responsive and efficient interactions between physical objects and digital networks. These devices support diverse applications, from health-monitoring wearables to environmental sensors, by moving data processing closer to the source. Traditional IoT systems rely heavily on centralized servers, but advances in edge computing and Tiny Machine Learning (TinyML) now allow for on-device processing, enhancing battery efficiency and reducing latency. While this shift improves privacy, the distributed nature of edge devices introduces new security challenges, particularly regarding TinyML models, which are designed for low-power environments and may be vulnerable to tampering or unauthorized access. Since other IoT entities depend on the data generated by these models, ensuring trust in the devices is essential. To address this, we propose a lightweight dual attestation mechanism utilizing Entity Attestation Tokens (EATs) to validate the device and ML model integrity. This approach enhances security by enabling verified device-to-device communication, supports seamless integration with secure cloud services, and allows for flexible, authorized ML model updates, meeting modern IoT systems’ scalability and compliance needs. Full article

Task offloading in satellite networks, which involves distributing computational tasks among heterogeneous satellite nodes, is crucial for optimizing resource utilization and minimizing system latency. However, existing approaches such as static offloading strategies and heuristic-based offloading methods neglect dynamic topologies and uncertain conditions that hinder adaptability to sudden changes. Furthermore, current collaborative computing strategies inadequately address satellite platform heterogeneity and often overlook resource fluctuations, resulting in inefficient resource sharing and inflexible task scheduling. To address these issues, we propose a dynamic gradient descent-based task offloading method. This method proposes a collaborative optimization framework based on dynamic programming. By constructing delay optimization and resource efficiency models and integrating dynamic programming with value iteration techniques, the framework achieves real-time updates of system states and decision variables. Then, a distributed gradient descent algorithm combined with Gradient Surgery techniques is employed to optimize task offloading decisions and resource allocation schemes, ensuring a precise balance between delay minimization and resource utilization maximization in dynamic network environments. Experimental results demonstrate that the proposed method enhances the global optimizing result by at least 1.97%, enhances resource utilization rates by at least 3.91%, and also reduces the solution time by at least 191.91% in large-scale networks. Full article

Event-based cameras are a new type of vision sensor in which pixels operate independently and respond asynchronously to changes in brightness with microsecond resolution, instead of providing standard intensity frames. Compared with traditional cameras, event-based cameras have low latency, no motion blur, and high dynamic range (HDR), which provide possibilities for robots to deal with some challenging scenes. We propose a visual–inertial odometry for stereo event-based cameras based on Error-State Kalman Filter (ESKF). The vision module updates the pose by relying on the edge alignment of a semi-dense 3D map to a 2D image, while the IMU module updates the pose using median integration. We evaluate our method on public datasets with general 6-DoF motion (three-axis translation and three-axis rotation) and compare the results against the ground truth. We compared our results with those from other methods, demonstrating the effectiveness of our approach. Full article

The widespread deployment of CCTV systems has significantly enhanced surveillance and public safety across various environments. However, the emergence of deepfake technology poses serious challenges by enabling malicious manipulation of video footage, compromising the reliability of CCTV systems for evidence collection and privacy protection. Existing deepfake detection solutions often suffer from high computational overhead and are unsuitable for real-time deployment on resource-constrained CCTV cameras. This paper proposes FL-TENB4, a Federated-Learning-enhanced Tiny EfficientNetB4-Lite framework for deepfake detection in CCTV environments. The proposed architecture integrates Tiny Machine Learning (TinyML) techniques with EfficientNetB4-Lite, a lightweight convolutional neural network optimized for edge devices, and employs a Federated Learning (FL) approach for collaborative model updates. The TinyML-based local model ensures real-time deepfake detection with minimal latency, while FL enables privacy-preserving training by aggregating model updates without transferring sensitive video data to centralized servers. The effectiveness of the proposed system is validated using the FaceForensics++ dataset under resource-constrained conditions. Experimental results demonstrate that FL-TENB4 achieves high detection accuracy, reduced model size, and low inference latency, making it highly suitable for real-world CCTV environments. Full article

Modern autonomous driving and intelligent transportation systems face critical challenges in managing real-time data processing, network latency, and security threats across distributed vehicular environments. Conventional cloud-centric architectures typically struggle to meet the low-latency and high-reliability requirements of vehicle-to-everything (V2X) applications, particularly in dynamic and resource-constrained edge environments. To address these challenges, this study introduces the V2X-Car Edge Cloud system, which is a cloud-native architecture driven by DevSecOps principles to ensure secure deployment, dynamic resource orchestration, and real-time monitoring across distributed edge nodes. The proposed system integrates multicluster orchestration with Kubernetes, hybrid communication protocols (C-V2X, 5G, and WAVE), and data-fusion pipelines to enhance transparency in artificial intelligence (AI)-driven decision making. A software-in-the-loop simulation environment was implemented to validate AI models, and the SmartX MultiSec framework was integrated into the proposed system to dynamically monitor network traffic flow and security. Experimental evaluations in a virtual driving environment demonstrate the ability of the proposed system to perform automated security updates, continuous performance monitoring, and dynamic resource allocation without manual intervention. Full article

5G technology and IoT devices are improving efficiency and quality of life across many sectors. IoT devices are often used in open environments where they handle sensitive data. This makes them vulnerable to side-channel attacks (SCAs), where attackers can intercept and analyze the electromagnetic signals emitted by microcontroller units (MCUs) to expose encryption keys and compromise sensitive data. To address this critical vulnerability, this study proposes a novel dynamic key replacement mechanism specifically designed for lightweight IoT microcontrollers. The mechanism integrates Moving Target Defense (MTD) with a lightweight Diffie–Hellman (D-H) key exchange protocol and AES-128 encryption to provide robust protection against SCAs. Unlike traditional approaches, the proposed mechanism dynamically updates encryption keys during each cryptographic cycle, effectively mitigating the risk of key reuse—a primary vulnerability exploited in SCAs. The lightweight D-H key exchange ensures that even resource-constrained IoT devices can securely perform key exchanges without significant computational overhead. Experimental results demonstrate the practicality and security of the proposed mechanism, achieving key updates with minimal time overhead, ranging from 12 to 50 milliseconds per encryption transmission. Moreover, the approach shows strong resilience against template attacks, with only two out of sixteen AES-128 subkeys compromised after 20,000 attack attempts—a notable improvement over existing countermeasures. The key innovation of this study lies in the seamless integration of MTD with lightweight cryptographic protocols, striking a balance between security and performance. This dynamic key replacement mechanism offers an effective, scalable, and resource-efficient solution for IoT applications, particularly in scenarios that demand robust protection against SCAs and low-latency performance. Full article

Sensor-based gesture recognition on mobile devices is critical to human–computer interaction, enabling intuitive user input for various applications. However, current approaches often rely on server-based retraining whenever new gestures are introduced, incurring substantial energy consumption and latency due to frequent data transmission. To address these limitations, we present the first on-device continual learning framework for gesture recognition. Leveraging the Nearest Class Mean (NCM) classifier coupled with a replay-based update strategy, our method enables continuous adaptation to new gestures under limited computing and memory resources. By employing replay buffer management, we efficiently store and revisit previously learned instances, mitigating catastrophic forgetting and ensuring stable performance as new gestures are added. Experimental results on a Samsung Galaxy S10 device demonstrate that our method achieves over 99% accuracy while operating entirely on-device, offering a compelling synergy between computational efficiency, robust continual learning, and high recognition accuracy. This work demonstrates the potential of on-device continual learning frameworks that integrate NCM classifiers with replay-based techniques, thereby advancing the field of resource-constrained, adaptive gesture recognition. Full article

Modern electrical grids are evolving towards distributed architectures, necessitating efficient and reliable state synchronization mechanisms to maintain structural and functional consistency. This paper investigates the application of conflict-free replicated data types (CRDTs) for representing and synchronizing the states of distributed electrical grid systems (DEGSs). We present a general structure for DEGSs based on CRDTs, focusing on the Convergent Replicated Data Type (CvRDT) model with delta state propagation to optimize the communication overhead. The Observed Remove Set (ORSet) and Last-Writer-Wins Register (LWW-Register) are utilized to handle concurrent updates and ensure that only the most recent state changes are retained. An actor-based framework, “Vigilant Hawk”, leveraging the Akka toolkit, was developed to simulate the asynchronous and concurrent nature of DEGSs. Each electrical grid node is modelled as an independent actor with isolated state management, facilitating scalability and fault tolerance. Through a series of experiments involving 100 nodes under varying latency degradation coefficients (LDK), we examined the impact of network conditions on the state synchronization efficiency. The simulation results demonstrate that CRDTs effectively maintain consistency and deterministic behavior in DEGSs, even with increased network latency and node disturbances. An effective LDK range was identified (LDK effective = 2 or 4), where the network remains stable without significant delays in state propagation. The linear relationship between the full state distribution time (FSDT) and LDK indicates that the system can scale horizontally without introducing complex communication overhead. The findings affirm that using CRDTs for state synchronization enhances the resilience and operational efficiency of distributed electrical grids. The deterministic and conflict-free properties of CRDTs eliminate the need for complex concurrency control mechanisms, making them suitable for real-time monitoring and control applications. Future work will focus on addressing identified limitations, such as optimizing message routing based on the network topology and incorporating security measures to protect state information in critical infrastructure systems. Full article

Embedded systems, particularly when integrated into the Internet of Things (IoT) landscape, are critical for projects requiring robust, energy-efficient interfaces to collect real-time data from the environment. As these systems become complex, the need for dynamic reconfiguration, improved availability, and stability becomes increasingly important. This paper presents the design of a framework architecture that supports dynamic reconfiguration and “on-the-fly” code execution in IoT-enabled embedded systems, including a virtual machine capable of hot reloads, ensuring system availability even during configuration updates. A “hardware-in-the-loop” workflow manages communication between the embedded components, while low-level coding constraints are accessible through an additional abstraction layer, with examples such as MicroPython or Lua. The study results demonstrate the VM’s ability to handle serialization and deserialization with minimal impact on system performance, even under high workloads, with serialization having a median time of 160 microseconds and deserialization having a median of 964 microseconds. Both processes were fast and resource-efficient under normal conditions, supporting real-time updates with occasional outliers, suggesting room for optimization and also highlighting the advantages of VM-based firmware update methods, which outperform traditional approaches like Serial and OTA (Over-the-Air, the ability to update or configure firmware, software, or devices via wireless connection) updates by achieving lower latency and greater consistency. With these promising results, however, challenges like occasional deserialization time outliers and the need for optimization in memory management and network protocols remain for future work. This study also provides a comparative analysis of currently available commercial solutions, highlighting their strengths and weaknesses. Full article

The cross-chain identity authentication method based on relay chains provides a promising solution to the issues brought by the centralized notary mechanism. Nonetheless, it continues to encounter numerous challenges regarding data privacy, security, and issues of heterogeneity. For example, there is a concern regarding the protection of identity information during the cross-chain authentication process, and the incompatibility of cryptographic components across different blockchains during cross-chain transactions. We design and propose a cross-chain identity privacy protection method based on relay chains to address these issues. In this method, the decentralized nature of relay chains ensures that the cross-chain authentication process is not subject to subjective manipulation, guaranteeing the authenticity and reliability of the data. Regarding the compatibility issue, we unify the user keys according to the identity manager organization, storing them on the relay chain and eliminating the need for users to configure identical key systems. Additionally, to comply with General Data Protection Regulation (GDPR) principles, we store the user keys from the relay chain in distributed servers using the InterPlanetary File System (IPFS). To address privacy concerns, we enable pseudonym updates based on the user’s public key during cross-chain transactions. This method ensures full compatibility while protecting user privacy. Moreover, we introduce Zero-Knowledge Proof (ZKP) technology, ensuring that audit nodes cannot trace the user’s identity information with malicious intent. Our method offers compatibility while ensuring unlinkability and anonymity through thorough security analysis. More importantly, comparative analysis and experimental results show that our proposed method achieves lower computational cost, reduced storage cost, lower latency, and higher throughput. Therefore, our method demonstrates superior security and performance in cross-chain privacy protection. Full article

The Internet of Vehicles (IoV), a key component of smart transportation systems, leverages 5G communication for low-latency data transmission, facilitating real-time interactions between vehicles, roadside units (RSUs), and sensor networks. However, the open nature of 5G communication channels exposes IoV systems to significant security threats, such as eavesdropping, replay attacks, and message tampering. To address these challenges, this paper proposes the Efficient Cluster-based Mutual Authentication and Key Update Protocol (ECAUP) designed to secure IoV systems within 5G-enabled sensor networks. The ECAUP meets the unique mobility and security demands of IoV by enabling fine-grained access control and dynamic key updates for RSUs through a factorial tree structure, ensuring both forward and backward secrecy. Additionally, physical unclonable functions (PUFs) are utilized to provide end-to-end authentication and physical layer security, further enhancing the system’s resilience against sophisticated cyber-attacks. The security of the ECAUP is formally verified using BAN Logic and ProVerif, and a comparative analysis demonstrates its superiority in terms of overhead efficiency (more than 50%) and security features over existing protocols. This work contributes to the development of secure, resilient, and efficient intelligent transportation systems, ensuring robust communication and protection in sensor-based IoV environments. Full article