IoT for Defense and National Security

Cover
Title Page
Copyright
Contents
List of Contributors
Introduction: IoT for Defense and National Security
Part 1 Introduction: Vision, Applications, and Opportunities
Chapter 1 Internet of Battlefield Things: Challenges, Opportunities, and Emerging Directions
1.1 IoBT Vision
1.2 IoBT vs. IoT
1.3 IoBT Operational Requirements
1.4 An Organizing Concept
1.4.1 The MDO Effect Loop
1.4.2 Technical Challenges
1.4.2.1 Compositionality and Synthesis
1.4.2.2 Timeliness and Efficiency
1.4.2.3 Robustness to Adversarial Disruption
1.4.2.4 Deployability at the Point of Need
1.5 Performant and Resilient IoBTs
1.5.1 Compositionality and Synthesis
1.5.2 Timeliness and Efficiency
1.5.3 Robustness to Adversarial Disruption
1.5.4 Deployability at the Point of Need
1.6 Future Directions
1.6.1 Multi‐tenancy and Multiplicity of Use
1.6.2 Multiplicity of Function
1.6.3 Non‐stationarity and Multiplicity of Perturbations
1.6.4 Multiplicity of Sensing Modalities
1.6.5 Multiplicity of Time‐scales
1.6.6 Architecture
1.7 Conclusion
References
Chapter 2 Sensorized Warfighter Weapon Platforms: IoT Making the Fog of War Obsolete
2.1 Introduction
2.2 IoT for Firearms
2.3 New Insights into the Battlefield Provided by IoT
2.4 Challenges for IoT in Soldier Weapons
2.5 Battlefield Challenges to Aggregating and Exfiltrating Data
2.6 Protection and Security for IoT Data Communication
2.7 State of the Art
2.8 Conclusion
References
Chapter 3 IoBT Resource Allocation via Mixed Discrete and Continuous Optimization
3.1 Introduction
3.2 Lattices and Submodular Functions
3.3 Problem Formulation
3.4 An Equivalent Parameterization
3.5 Returning to Constraints
3.5.1 Knapsack Constraints
3.5.2 Continuous Budget Constraints
3.6 Computational Examples
3.6.1 Unconstrained Optimization
3.6.2 Knapsack‐Constrained Allocations
3.6.3 Continuous Budget‐constrained Allocations
3.7 Conclusions
References
Chapter 4 Operationalizing IoT Data for Defense and National Security
4.1 Introduction
4.2 Problem Statement
4.3 Challenges
4.4 Security Considerations
4.5 Developing a Strategy for Operationalizing Data
4.6 Precedence
4.7 End State
4.8 Conclusion
References
Chapter 5 Real Time Monitoring of Industrial Machines using AWS IoT
5.1 Problem Statement
5.2 Solution Statement – Overview
5.3 Solution Statement – Edge Computing
5.4 Solution Statement – Cloud Connectivity
5.5 Solution Statement – Streaming Analytics and Data Storage
5.6 Solution Statement – Data Visualization
5.7 Solution Statement – Example Data Visualizations
5.8 Results
5.9 Next Steps
References
Chapter 6 Challenges and Opportunities of IoT for Defense and National Security Logistics
6.1 Introduction
6.2 Linking Industry and DoD Uses of IoT
6.3 Situational Awareness
6.3.1 Policy and Legal Implications
6.3.2 Challenges and Considerations
6.4 Applications for DoD
6.4.1 Situational Awareness of People and Equipment for Maintainability and Sustainability
6.4.2 Data Collection for Real‐time and Predictive CBM
6.4.3 Prepositioning and Planning for People and Supplies (Prepo‐in‐motion)
6.4.4 IoT at DoD Installations
6.4.4.1 Energy Management
6.4.4.2 Installations as Training Platforms
6.4.5 IoT and Emergency Response
6.4.6 IoT and Disaster Response
6.5 Observations on the Future
Acknowledgement
References
Chapter 7 Digital Twins for Warship Systems: Technologies, Applications and Challenges
7.1 Introduction
7.2 A Digital Twin Architecture for Implementation
7.2.1 Physical Level
7.2.2 Physical World/Virtual World Interface
7.2.3 Digital Twin
7.2.3.1 Integration of Functionalities: User Interfaces
7.2.3.2 Simulation Models
7.2.3.3 Data Storage and Data Lakes
7.2.3.4 Data Analysis, Machine Learning, and Predictive Algorithms
7.3 Ship Digital Twin Implementation
7.3.1 Physical Level
7.3.2 Physical World/Virtual World Interface
7.3.3 Integration of Functionalities and the User Interface
7.3.4 Simulation Models
7.3.5 Data Analysis, Machine Learning, and Predictive Algorithms
References
Part 2 Introduction: Artificial Intelligence and IoT for Defense and National Security
Chapter 8 Principles of Robust Learning and Inference for IoBTs
8.1 Internet of Battlefield Things and Intelligence
8.2 Dimensions of Responsible AI
8.2.1 Research Challenges in IoBTs
8.2.2 Trust, Resilience and Interpretability
8.3 Detecting Surprise: Adversarial Defense and Outlier Detection
8.4 Novel Deep Learning Representation: Dynamical System
8.5 Robust Secure State Estimation
8.6 Distributionally Robust Learning
8.7 Future Directions
8.8 Conclusion
References
Chapter 9 AI at the Edge: Challenges, Applications, and Directions
9.1 Introduction
9.2 IoT Applications
9.2.1 Visual Inspection of Assets
9.2.1.1 Visual Recognition
9.2.1.2 AI Optimization
9.2.1.3 Fixed IoT Sensors vs. RIDs
9.2.2 Thermal Inspection of Assets
9.2.2.1 Inspection at Electric Substations
9.2.2.2 Proposed Automation
9.2.3 Inspection of Analog Meters and Gauges
9.2.3.1 Gauge Detection
9.2.3.2 Perspective Correction
9.2.3.3 Pointer Detection and Text Recognition
9.2.4 Other Defense and Commercial Use Cases
9.3 Distributed AI Architecture
9.3.1 Background: Centralized AI and Edge AI
9.3.1.1 Centralized AI
9.3.1.2 Edge AI
9.3.2 Open Challenges in Edge AI
9.3.3 New Paradigm: Distributed AI
9.4 Technology
9.4.1 Data Ops
9.4.1.1 Statistical Summaries
9.4.1.2 Dimensionality Reduction
9.4.1.3 Sampling from Original Space
9.4.2 Model Ops
9.4.2.1 OOD Detection Algorithm
9.4.2.2 Experiments
9.4.3 Optimization and Adaptation
9.4.3.1 Model Pruning
9.4.3.2 Model Quantization
9.4.3.3 Other Schemes
9.4.3.4 Experiments: Model Optimization for Asset Inspection
9.4.4 Federated Learning
9.4.4.1 Resource Efficiency of FL
9.4.4.2 Privacy Considerations
9.5 Research Directions
9.5.1 Learning with Resource Optimization
9.5.2 Collaboration Among Humans and Robots
9.5.3 Multi‐modal Learning
9.5.3.1 Context‐based Multi‐modal Sensing
9.5.3.2 Adaptive Navigation to Optimize Sensing
9.6 Conclusions
References
Chapter 10 AI Enabled Processing of Environmental Sounds in Commercial and Defense Environments
10.1 Introduction
10.1.1 Challenges
10.1.2 System Overview
10.1.3 IoT Acoustics vs. Speech Recognition
10.2 Use Cases
10.2.1 Defense Use Cases
10.2.1.1 Perimeter Defense
10.2.1.2 Vehicle Classification
10.2.1.3 Activation of Other Modalities
10.2.1.4 Fleet and Facilities Maintenance
10.2.2 Commercial Use Cases
10.2.2.1 Manufacturing
10.2.2.2 Vehicle Monitoring
10.2.2.3 Animal Husbandry
10.2.2.4 Healthcare
10.2.2.5 Security
10.3 System Architecture
10.4 Technology
10.4.1 Data Management and Curation
10.4.2 Model Training Pipeline
10.4.3 Models
10.4.3.1 Shallow Models
10.4.3.2 Deep Models
10.4.3.3 Inference Performance on the Edge
10.4.4 Anomaly Detection
10.4.5 Model Drift
10.4.6 Model Update/Evolution
10.4.7 Model Adaptation
10.5 Summary
References
Part 3 Introduction: Security, Resiliency, and Technology for Adversarial Environments
Chapter 11 Assurance by Design for Cyber‐physical Data‐driven Systems
11.1 Introduction
11.1.1 Formal Methods for Software Intensive Systems
11.1.2 Adapting Formal Methods for Data Driven Systems
11.2 Methods for Assurance
11.2.1 Tools for Information Freshness
11.2.2 Methods for Decision Assurance
11.2.2.1 Scenario Generation for CPDDSs
11.2.2.2 Consequence Assessment for CPDDSs
11.2.3 Assurance of Interconnected Networked CPDDSs
11.2.3.1 Network Representation
11.2.3.2 Dynamic Cascade Modeling
11.2.3.3 Multi‐Agent Decision Optimization
11.3 Discussion and Conclusion
References
Chapter 12 Vulnerabilities in IoT Systems
12.1 Introduction
12.1.1 IoT System Components
12.1.2 Vulnerabilities and Threats
12.1.2.1 Devices
12.1.2.2 Communication Protocols
12.1.2.3 IoT Applications
12.1.2.4 Physical Medium
12.1.2.5 Mobile Apps
12.2 Firmware
12.2.1 Unprotected Network Services
12.2.2 Unprotected Firmware Updating
12.2.3 Buffer Overflow
12.3 Communication Protocols
12.3.1 Wi‐Fi
12.3.2 Zigbee
12.3.3 Z‐Wave
12.3.4 Bluetooth
12.3.5 Physical Layer
12.3.5.1 Jamming Attack
12.3.5.2 Side Channel Attack
12.3.6 TCP/IP Suite & Application Layer
12.4 IoT Apps
12.4.1 Checking Safety and Security Properties
12.4.2 Dynamic Security Policy Enforcement
12.4.3 IoT App Sniffing
12.5 Physical Dependencies
12.6 Companion Mobile Apps
12.7 Hardware
12.8 IoT Platforms
12.8.1 Over‐privileging
12.8.2 Data Leakage
12.9 Countermeasures
12.10 Conclusions
References
Chapter 13 Intrusion Detection Systems for IoT
13.1 Introduction
13.2 Background
13.2.1 Intrusion Detection Systems
13.2.1.1 Placement of Collectors
13.2.1.2 Architecture of Analyzers
13.2.1.3 Detection Mechanisms
13.2.2 Characteristics of IoT Environments
13.2.2.1 Simple Networking Patterns
13.2.2.2 Diverse Network Protocols
13.2.2.3 Small Number of Threads
13.2.2.4 Various Types of CPU Architectures and Operating Systems
13.2.2.5 Resource Constraints
13.2.2.6 Large Numbers of Devices
13.2.2.7 Dynamics and Autonomy
13.2.3 IoT‐Specific Protocols
13.2.3.1 IoT Network‐layer Protocols
13.2.3.2 IoT Application‐layer Protocols
13.2.4 IDS in IoT Environment
13.2.4.1 Relevance of IDS in IoT Environment
13.2.4.2 Challenges for IDSes in IoT Dynamic and Autonomous Environment
13.3 IoT Attack Scenarios
13.3.1 Attacks from the Internet
13.3.1.1 Port Scanning
13.3.1.2 Telnet/SSH/HTTP Bruteforce
13.3.1.3 SYN/ACK/UDP/HTTP Flooding
13.3.2 IoT‐specific Network‐layer Attacks
13.3.2.1 Hello Flood Attack
13.3.2.2 Neighbor Attack
13.3.2.3 DIS Attack
13.3.2.4 Sinkhole Attack
13.3.2.5 Wormhole Attack
13.3.2.6 Grayhole (or Selective Forwarding) Attack
13.3.3 IoT‐specific Application‐layer Attacks
13.3.3.1 CONNECT/CONNACK Flooding
13.3.3.2 CoAP Request/ACK Flooding
13.4 Proposed IDSes for IoT
13.4.1 Definition of Normal/Abnormal Behavior
13.4.1.1 Legitimate IP Addresses
13.4.1.2 Threshold
13.4.1.3 Automata
13.4.1.4 Federated Learning
13.4.2 Enhancements of ML‐based Detectors
13.4.2.1 Compression Header Analyzer Intrusion Detection System (CHA‐IDS)
13.4.2.2 E‐Spion
13.4.2.3 Deep learning-based IDS (DL‐IDS)
13.4.2.4 Multiclass Classification Procedure
13.4.2.5 Discussion
13.4.3 Lightweight Detector Implementation
13.4.3.1 Raspberry Pi IDS (RPiDS)
13.4.3.2 Passban IDS
13.4.3.3 Discussion
13.4.4 Combination of Diverse Detectors
13.4.4.1 IDS with Game‐theoretic Methodology
13.4.4.2 Hybrid Intrusion Detection and Prevention System (IDPS)
13.4.4.3 IDPS
13.4.4.4 Discussion
13.4.5 Optimal Detector Selection
13.4.5.1 Kalis
13.4.5.2 Reinforcement learning-based IDS (RL‐IDS)
13.4.5.3 Discussion
13.5 Research Directions
Acknowledgement
References
Chapter 14 Bringing Intelligence at the Network Data Plane for Internet of Things Security
14.1 Introduction
14.2 Related Work
14.3 System Design
14.3.1 Architecture of the FRG Approach
14.3.2 Architecture of the BNN Approach
14.4 Problem Modeling
14.4.1 Classification with Header Bytes
14.4.2 Classification with Header Fields
14.5 Algorithms and Learning Models
14.5.1 FRG Approach: Overview
14.5.2 FRG Stage 1: Neural Network Structure
14.5.3 FRG Stage 2: Header Field Definition
14.5.4 BNN Approach
14.6 Evaluation Results
14.6.1 Performance of FRG Approach: Setup and Metrics
14.6.2 Performance of FRG Stage 1 (Classification)
14.6.3 Performance of FRG Stage 2 (Header Field Definition)
14.6.3.1 Profiles of Importance Scores
14.6.3.2 Impact of Header Fields on Accuracy
14.6.3.3 Impact of Header Fields on Costs
14.6.3.4 Optimal Selection of Header Fields
14.6.4 Performance of BNN Approach
14.6.4.1 Main Takeaways
14.7 Conclusions and Future Challenges
Acknowledgment
References
Chapter 15 Distributed Computing for Internet of Things Under Adversarial Environments
15.1 Introduction
15.2 Distributed Computing for IoT in Defense Applications
15.2.1 Overview of Requirements/Challenges
15.2.2 Characteristics of Distributed IoBT Applications
15.3 Threat Model
15.3.1 System Description
15.3.2 Threats
15.3.2.1 Goals of an Adversary
15.3.2.2 Attack Vectors
15.4 Frameworks for Distributed Computing
15.4.1 Resource and Task Management in Distributed Computing
15.4.2 Gathering Resources in Adversarial Environments
15.5 Establishing Trust in Adversarial Environments: Solutions and Open Opportunities
15.5.1 Verifiable Computation
15.5.1.1 Homomorphic Encryption
15.5.1.2 Proof‐based Verification
15.5.1.3 TrueBit
15.5.1.4 Perlin
15.5.1.5 Open Opportunities
15.5.2 Byzantine Fault‐tolerant Distributed Computing
15.5.2.1 Open Opportunities
15.5.3 Grey Resource Accumulation
15.5.3.1 Open Opportunities
15.5.4 Cryptographic Approaches
15.5.4.1 Open Opportunities
15.5.5 Secure Computation with Trusted Execution Environments
15.5.5.1 Open Opportunities
15.6 Summary
Acknowledgment
References
Chapter 16 Ensuring the Security of Defense IoT Through Automatic Code Generation
16.1 The Challenge of IoT in Defense and National Security Applications: The Challenge
16.2 Solutions
16.2.1 Control the Interfaces Between IoT Elements
16.2.2 Problems with Traditional Approaches to Malware Protection
16.2.3 Traditional Approaches to Security: Hardware
16.2.4 Traditional Approaches to Security: Simulation
16.2.5 Traditional Approaches to Security: Software
16.2.5.1 Coding Weaknesses, Software Vulnerabilities and Malware
16.2.5.2 Traditional Approaches for Protecting IoT Software
16.2.5.3 Improvements on Traditional Software Approaches
16.2.6 Auto‐code Generation for Vulnerability‐free IoT
16.2.6.1 Applying Auto‐code Generation Selectively for IoT Network Security
16.2.6.2 A Practical Approach to Generating Vulnerability‐free IoT Networks
16.3 Automatic Code Generation
16.3.1 Core Auto‐generation Engine
16.3.2 Semantic Definitions of Software Functions
16.3.3 Formal Methods for Verifying Semantic Definitions
16.3.3.1 Static Analysis for Verifying Code Generator Produces Vulnerability‐free Code
16.3.4 An Extended Example: Automatic Generation of Router Software
16.4 IoT Interface‐code Issuing Authority
16.4.1 Role of IoT Interface‐code Authority (IICA)
16.4.2 Precedents and Examples and a Proposed IoT Interface Code Authority
16.5 Conclusions
References
Part 4 Introduction: Communications and Networking
Chapter 17 Leveraging Commercial Communications for Defense IoT
17.1 Introduction
17.2 Key Differences Between Defense and Commercial Communications Requirements
17.2.1 Interoperability
17.2.2 Mobility
17.2.3 Security
17.2.4 Vulnerability
17.3 Key Differences Between Defense and Commercial Technology Development
17.4 Commercial Communications for Use in Defense and Homeland Security
17.5 Conclusion
References
Chapter 18 Military IoT: Tactical Edge Clouds for Content Sharing Across Heterogeneous Networks
18.1 Introduction
18.2 The Need for Tactical Edge Clouds
18.3 Two Architectures
18.3.1 Architecture Paradigm 1: DARPA CBMEN
18.3.2 Architecture Paradigm 2: DARPA DyNAMO
18.4 Tactical Edge Cloud Architectural Insights
18.4.1 Information Generation and Discovery
18.4.2 Information Availability
18.4.3 Controlling Access
18.4.4 Information Quality of Service
18.4.5 Information Importance
18.5 Summary
Acknowledgment
References
Chapter 19 Spectrum Challenges in the Internet of Things: State of the Art and Next Steps
19.1 Introduction
19.2 Spectrum Bands of Interest in the Internet of Things
19.2.1 Low‐bands and Mid‐bands
19.2.1.1 Millimeter‐Wave Bands
19.2.1.2 Visible Light and Communications Above 100 GHz
19.3 Spectrum Management in the Internet of Things: Requirements and Existing Work
19.4 Spectrum Management in the Internet of Things: The Way Ahead
19.4.1 Protecting Passive and Incumbent Users from IoT Interference in Shared Bands
19.4.2 Experimental Spectrum Sharing at Scale Through the Colosseum and NSF PAWR Testbeds
19.4.3 Robust Machine Learning for Effective, Reliable and Efficient Spectrum Management
19.4.4 The Role of O‐RAN in Spectrum Sharing
19.5 Conclusions
References
Chapter 20 Tactical Edge IoT in Defense and National Security
20.1 Introduction
20.2 Background
20.2.1 Tactical Edge IoT drivers
20.2.2 Defense and Public Safety
20.3 Compelling COTS Edge IoT Applications
20.4 Target Scenarios for Tactical Edge IoT
20.4.1 C4ISR
20.4.2 Firepower Control Systems
20.4.3 Logistics
20.4.3.1 Fleet Management
20.4.3.2 Individual Supplies
20.4.4 Smart City Operations
20.4.5 Soldier Healthcare and Workforce Training
20.4.6 Collaborative and Crowd Sensing
20.4.7 Energy Management
20.4.8 Smart Surveillance
20.5 Communications Architecture
20.6 Main Challenges and Recommendations
20.7 Conclusions
Acknowledgments
References
Chapter 21 Use and Abuse of IoT: Challenges and Recommendations
21.1 The Elements of IoT and Their Nature
21.1.1 Use and Abuse of IoT
21.1.1.1 What Makes IoT So Powerful?
21.1.1.2 Orwell's Vision Has Not Yet Fully Materialized
21.1.1.3 IoT Unites Sensing/Information‐Extraction with Intelligent Processing and Action
21.1.2 Pervasive Sensing and Information Extraction
21.1.2.1 Sensors and Sensor Networks
21.1.2.2 Information Extraction
21.1.3 Intelligent Processing
21.1.3.1 IoT and the Nature of Intelligent Processing (AI)
21.1.3.2 Intelligent Processing of IoT Sensor Data and Extracted Information
21.1.3.3 Abuses of IoT Arising from Problems with Intelligent Processing
21.1.4 Control of Actions by IoT Devices
21.1.4.1 Control of Action
21.1.4.2 Abuse of Action by IoT
21.2 Preventing the Abuse of IoT While Enabling Its Benefits
21.2.1 A General Framework
21.2.1.1 The Need and Basis for an IoT Framework to Protect Human Rights
21.2.1.2 Consent by the Public and the Governed
21.2.1.3 Transparency: The Foundation of Consent
21.2.1.4 Accountability and Consequences
21.2.1.5 Security and Integrity
21.3 Types of Abuse and Misuse, and Prevention Through Regulation
21.3.1 Types of Abuse of IoT
21.3.1.1 Type 1 Abuse: Illegal or Unethical Abuse by Individuals or Organizations
21.3.1.2 Type 2 Abuse: Legal Abuse of IoT Without Consent or Benefit to Users or Owners
21.3.1.3 Type 3 Abuse: Government Abuse While Using IoT for Public Defense, Health, Safety, and Wellbeing
21.3.1.4 Type 4 Abuse: Government Use of IoT to Enhance Its Own Power and Enrich Officials
21.3.2 Regulating IoT to Prevent Abuse While Advancing Its Benefits
21.3.2.1 The Right to Limit and Regulate IoT
21.3.2.2 Regulating IoT: A Summary
21.4 Concluding Remarks: A Call to Action
References
Index
EULA