The 2nd IEEE Services Workshop on Cyber Security and Resilience in the Internet of Things (CSRIoT)

The technological and industrial revolution brought by the Internet of Things (IoT) comes with new forms of threats and attacks that exploit the inherent complexity and heterogeneity of IoT networks.

There are many recent examples of attacks that exploit IoT devices to perform large-scale distributed denial of service attacks, to spy on people, and to hijack communication links, therefore delivering full control of anything that is remotely accessible to an attacker. Those attacks deeply affect the operation of a number of services that are vital for society functioning as energy, transport, communications, and so on.

Moreover, IoT is largely used in monitoring activities of complex systems as smart city, industrial plant, health systems, bridges, and so forth. Because of that, if an IoT system experiences an attack, it should still exhibit resilience in the form of graceful degradation and/or survival and fast recovery (bounce-back/bounce-forward) of the functionality from the eventual failure or misbehavior. IoT resilience is here to understand the strategies and methods for a cyber-attack absorption and infrastructure operational recovery and needs to be considered as an integral part of the IoT Cyber Security landscape.

The workshop focuses on both the theoretical & practical aspects of the security, privacy, trust, and resilience of IoT networks, devices, applications, and services as well as novel ways of dealing with their vulnerabilities and mitigating sophisticated cyber-attacks. Topics of interest include but are not limited to:

• Blockchain applications in IoT
• Cyber-threat intelligence
• Game-theoretic security for IoT
• Identity management and access control for IoT
• IoT and cloud forensics
• Lightweight cryptography for IoT
• Malware detection and mitigation
• Network intrusion detection/mitigation
• Privacy and data protection in IoT
• Security in mobile applications
• System and data integrity
• Trust management for IoT
• Operational recovery and continuity in IoT
• Cyber-attack resiliency IoT architecture
• Cyber Threat adaptive capacity in IoT