The 3rd International Workshop on Security and Forensics of IoT

to be held in conjunction with the 14th International Conference on Availability, Reliability and Security
(ARES 2019 –

August 26 – August 29, 2019, Canterbury, UK

Internet-of-Things (IoT) are becoming increasingly prevalent in our society, as the backbone of interconnected smart homes, smart hospitals, smart cities, smart wearables and other smart environments. IoT leverage embedded technologies equipped with sensors and communication capabilities; they are able to broadcast their presence to other objects and interact with them using different protocols. Gartner predicts that, by 2020, 21 billion IoT endpoints will be in use. Along with usability, efficiency, and cost savings benefits, increasingly, the use of IoT pose security risks and raise challenges to digital forensics. The massive DDoS caused by the Mirai botnet which exploited IoT devices is a recent example. This workshop aims to bring together researchers and practitioners from both communities – security and forensics – to discuss problems and solutions regarding IoT.

Topics of interest include, but are not limited to:

Adaptive security in IoT
Challenges related to IoT forensics and security
Coexistence of different security protocols in IoT
Covert communication in IoT
Cryptography protocols and algorithms for IoT
Cybercrimes exploiting IoT
Data analysis of IoT for forensic investigation
Data ownership and attack simulation methods for IoT networks and devices
Identification/preservation of evidence for digital forensic investigations involving IoT

Intrusion and malware detection/prevention technologies for IoTLegal and human aspects of security and forensics of IoT
Models for risk identification and assessment in IoT networks
Privacy and trust in IoT
Security and forensic aspects in Cyber physical IoT systems
Security applications and management of IoT
Security architectures and protection mechanisms for IoT
Security in Wireless Sensor Networks applied to IoT
Threat models and attack strategies for IoT

Important Dates
Submission Deadline May 10, 2019
Author Notification June 10, 2019
Proceedings Version June 23, 2019
ARES EU Symposium August 26, 2019
Conference August 26 – August 29, 2019

Gareth Howells
Practical IoT Device Authentication with ICMetrics

Abstract: The digital revolution has transformed the way we create, destroy, share, process and manage information, bringing many benefits in its wake with an ever increasing number of embedded consumer and communication devices at the heart of this revolution. However, such technology has also increased the opportunities for fraud and other related crimes to be committed. Therefore, as the adoption of IoT devices expands, it becomes vital to ensure the integrity and authenticity of such devices and to manage, control access to and verify their identity. ICmetrics represents a robust and flexible approach for generating unique identifiers for a range of IoT devices based on their determinable operating characteristics enabling secure encrypted communication between devices potentially significantly reducing both fraudulent activity such as eavesdropping and device cloning. This talk introduces the technical challenges associated with ICmetric technology and explores some of the practical considerations associated with its successful commercial exploitation, showing how a robust and flexible approach may be created suitable for practical exploitation.

Gareth Howells is currently a Professor of Secure Electronic Systems at the University of Kent and Founder, Director and Chief Technology Officer of Metrarc Ltd, a University spin-out company. He has been involved in research relating to pattern recognition and image processing for over 30 years and has published over 200 papers in the technical literature, co-editing two books and contributing to several other edited publications. In total, he has been successful in obtaining thirty-five separate research awards totalling over £5.4M from a variety of separate awarding bodies as part of projects with a total aggregate funding of over £10M.

Asma Adnane
Trust and Security in Internet of Vehicles (IoV)

Abstract: Vehicular Ad-hoc NETwork (VANET) is vital transportation technology that enables vehicles to be connected to each other and to the road infrastructure, it facilitates a big range of applications designed with a principal objective on assisting the driver (applications such as collision avoidance, accident avoidance and traffic information)

Nowadays, Vehicles capabilities have been extended to allow connectivity to different sort of devices such as cellular networks, sensors, and smart phones, creating a bigger network called Internet of Vehicles (IoV) giving the opportunity for more applications (infontainment, traffic optimization and safety). All these applications require a secure, reliable and trusted information dissemination in the network. In case of IoV, ensuring such network security is extremely difficult due to its large-scale and open nature, making it susceptible to diverse range of attacks including man-in-the-middle (MITM), replay, jamming and eavesdropping attacks.

Trust establishment among vehicles can increase network security by identifying dishonest vehicles and revoking messages with malicious or inconsistent content. To this end, various Trust Models (TMs) are developed. These TMs evaluate trust based on the received information (data), the sending entity or both through different mechanisms. This talk reviews the different aspects of trust and presents a comparative study of the three TMs. An evaluation of these TMs against the different trust, security and quality-of-service related benchmarks will be discussed.

Asma is a lecturer in the Computer Science department of Loughborough University. Before joining Loughborough, Asma was a senior lecturer in the University of Derby (2013-2018) and a KTP associate at the university of Leicester and Crowdlab – Leicester (2011-2013).

Her main research focus is on networks and security. She had been involved in research related to the multipath routing performance in ad hoc networks, and in different applications of trust management for secured routing in ad hoc networks.

Preliminary Program


(Workshop chairs)

Invited talk

Speaker: Prof. Gareth Howells, University of Kent, UK

Paper session 1 (chair: Virginia Franqueira)

  • Securing the Device Drivers of Your Embedded Systems: Framework and Prototype
    Zhuohua Li, Jincheng Wang, Mingshen Sun and John C.S. Lui
  • IoT-HarPSecA: A Framework for Facilitating the Design and Development of Secure IoT Devices
    Musa Samaila, Moser José, João Bernardo Sequeiros, Mário M. Freire and Pedro R. M. Inácio

Invited talk

Speaker: Dr Asma Adnane, Loughborough University, UK

Paper session 2 (chair: Virginia Franqueira)

  • Providing Confidential Cloud-based Fall Detection from Remote Sensor Data Using Multi-Party Computation
    Pradip Mainali and Carlton Shepherd
  • Energy Attack in LoRaWAN: Experimental Validation
    Konstantin Mikhaylov, Radek Fujdiak, Miroslav Voznak, Ari Pouttu and Petr Mlynek
  • A Secure Publish/Subscribe Protocol for Internet of Things
    Lukas Malina, Gautam Srivastava, Petr Dzurenda and Jan Hajny


(Workshop chairs)

Program Chair/ Workshop Chair

Virginia N. L. Franqueira
University of Derby, UK

Aleksandra Mileva
University of Goce Delcev, MK

Ville Leppänen
University of Turku, FI

Pedro Inácio
Universidade da Beira Interior, PT

Mauro Conti
University of Padua, IT

Raul H. C. Lopes
Brunel University, JISC & CMS/CERN, UK

Asma Adnane
Loughborough University, UK

Xiaojun Zhai
University of Essex, UK

Publicity Co-chairs

Chhagan Lal
University of Padua, IT

Chia-Mu Yu
National Chung Hsing University, TW

Program Committee 2019

Alberto Compagno, Cisco Systems, FR
Chaker Abdelaziz Kerrache, Université Amar Telidji de Laghouat, DZ
Diogo Fernandes, PepsiCo, PT
Henrique Santos, University of Minho, PT
João Vilela, University of Coimbra, PT
Judith Rossebo, ABB AS, NO
Katinka Wolter, Freie Universität Berlin, DE
Miguel Pardal, University of Lisbon, PT
Moreno Ambrosin, Intel Labs, US
Patrik Ekdahl, Ericsson AB, SE
Ricardo Neisse, European Commission Joint Research Center, IT
Sampsa Rauti, University of Turku, FI
Savio Sciancalepore, Hamad bin Khalifa University, QA
Seppo Virtanen, University of Turku, FI
Simona Bernardi, University of Zaragoza, ES
Steffen Wendzel, Worms University of Applied Sciences, DE
Tomasz  Szydlo, AGH University of Science and Technology, PL

Submission Guidelines

The submission guidelines can be found at (6-8 pages, a maximum of 10 pages is tolerated).

Double blind review: All papers submitted to EasyChair should be anonymized (no names or affiliations of authors should be visible in the paper) with no obvious self-references.

Submission of a paper implies that should the paper be accepted, at least one of the authors will register and present the paper in the workshop.

Proceedings will be published by ACM.