查看文章

IoT products and services will collect a large amount of data including those related to users. This collected data are stored either locally on the smart devices or on the cloud. Although IoT expansions promise enormous benefits in productivity and efficiency, these devices often lack the security requirements we become used to in the domain of desktops and server computing. Therefore, processing such large-scale IoT data can also lead to many security issues such as intrusion attacks, data leakage, user privacy and traceability. The lack of robust security measures in defending IoT systems can compromise the IoT infrastructures and their data. Moreover, since IoT devices usually operate under tight resource constraints, IoT devices are a fruitful target for adversaries' exploitation. This thesis presents substantial contributions to research on building a scalable, real-time IoT security framework. This thesis provides several novel strategies for identifying and authenticating devices, detecting network-known and zero-day attacks against IoT devices, and detecting malware executables targeting IoT and embedded systems. In this thesis we consider three security aspects: IoT device identification and authentication, network traffic intrusion detection, and executable malware files detection. The first key contribution is constructing a comprehensive survey that focuses on all security aspects and challenges facing IoT systems, including outsourcing techniques for partial computations on edge or cloud, while presenting case studies to map security challenges and requirements in real IoT case scenarios. The second main contribution is proposing a …