{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,22]],"date-time":"2026-03-22T05:54:39Z","timestamp":1774158879276,"version":"3.50.1"},"reference-count":33,"publisher":"MDPI AG","issue":"12","license":[{"start":{"date-parts":[[2018,12,19]],"date-time":"2018-12-19T00:00:00Z","timestamp":1545177600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Future Internet"],"abstract":"<jats:p>A Smart Home is characterized by the presence of a huge number of small, low power devices, along with more classical devices. According to the Internet of Things (IoT) paradigm, all of them are expected to be always connected to the Internet in order to provide enhanced services. In this scenario, an attacker can undermine both the network security and the user\u2019s security\/privacy. Traditional security measures are not sufficient, because they are too difficult to setup and are either too weak to effectively protect the user or too limiting for the new services effectiveness. The paper suggests to dynamically adapt the security level of the smart home network according to the user perceived risk level what we have called network sentiment analysis. The security level is not fixed, established by a central system (usually by the Internet Service Provider) but can be changed with the users cooperation. The security of the smart home network is improved by a distributed firewalls and Intrusion Detection Systems both to the smart home side as to the Internet Service Provider side. These two parts must cooperate and integrate their actions for reacting dynamically to new and on going threats. Moreover, the level of network sentiment detected can be propagate to nearby home networks (e.g., the smart home networks of the apartments inside a building) to increase\/decrease their level of security, thus creating a true in-line Intrusion Prevention System (IPS). The paper also presents a test bed for Smart Home to detect and counteract to different attacks against the IoT sensors, Wi-Fi and Ethernet connections.<\/jats:p>","DOI":"10.3390\/fi10120125","type":"journal-article","created":{"date-parts":[[2018,12,19]],"date-time":"2018-12-19T12:12:44Z","timestamp":1545221564000},"page":"125","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":14,"title":["\u201cNetwork Sentiment\u201d Framework to Improve Security and Privacy for Smart Home"],"prefix":"10.3390","volume":"10","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0009-8154","authenticated-orcid":false,"given":"Tommaso","family":"Pecorella","sequence":"first","affiliation":[{"name":"Department of Information Engineering, Universit\u00e0 di Firenze, Via di Santa Marta 3, 50139 Firenze, Italy"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6271-7988","authenticated-orcid":false,"given":"Laura","family":"Pierucci","sequence":"additional","affiliation":[{"name":"Department of Information Engineering, Universit\u00e0 di Firenze, Via di Santa Marta 3, 50139 Firenze, Italy"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4042-3019","authenticated-orcid":false,"given":"Francesca","family":"Nizzi","sequence":"additional","affiliation":[{"name":"Department of Information Engineering, Universit\u00e0 di Firenze, Via di Santa Marta 3, 50139 Firenze, Italy"}]}],"member":"1968","published-online":{"date-parts":[[2018,12,19]]},"reference":[{"key":"ref_1","unstructured":"Frenkel, S. (2018, December 18). A Cute Toy Just Brought a Hacker into Your Home. Available online: https:\/\/www.nytimes.com\/2017\/12\/21\/technology\/connected-toys-hacking.html."},{"key":"ref_2","unstructured":"Gallagher, S. (2018, December 18). How One Rent-a-Botnet Army of Cameras, DVRs Caused Internet Chaos. Available online: https:\/\/arstechnica.com\/information-technology\/2016\/10\/inside-the-machine-uprising-how-cameras-dvrs-took-down-parts-of-the-internet\/."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1109\/MC.2017.201","article-title":"DDoS in the IoT: Mirai and Other Botnets","volume":"50","author":"Kolias","year":"2017","journal-title":"Computer"},{"key":"ref_4","unstructured":"Antonakakis, M., April, T., Bailey, M., Bernhard, M., Bursztein, E., Cochran, J., Durumeric, Z., Halderman, J.A., Invernizzi, L., and Kallitsis, M. (2017, January 16\u201318). Understanding the Mirai Botnet. Proceedings of the 26th USENIX Conference on Security Symposium, SEC\u201917, Vancouver, BC, Canada."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Lin, H., and Bergmann, N.W. (2016). IoT Privacy and Security Challenges for Smart Home Environments. Information, 7.","DOI":"10.3390\/info7030044"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"1294","DOI":"10.1109\/COMST.2015.2388550","article-title":"Security for the Internet of Things: A Survey of Existing Protocols and Open Research Issues","volume":"17","author":"Granjal","year":"2015","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Kim, H. (2008, January 28\u201330). Protection Against Packet Fragmentation Attacks at 6LoWPAN Adaptation Layer. Proceedings of the 2008 International Conference on Convergence and Hybrid Information Technology, Daejeon, Korea.","DOI":"10.1109\/ICHIT.2008.261"},{"key":"ref_8","unstructured":"Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, J.P., and Alexander, R. (2018, December 18). RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks. Available online: http:\/\/www.rfc-editor.org\/info\/rfc6550."},{"key":"ref_9","unstructured":"Shelby, Z., Hartke, K., and Bormann, C. (2018, December 18). The Constrained Application Protocol (CoAP). Available online: https:\/\/www.rfc-editor.org\/info\/rfc7252."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"62","DOI":"10.1109\/MIC.2012.29","article-title":"CoAP: An Application Protocol for Billions of Tiny Internet Nodes","volume":"16","author":"Bormann","year":"2012","journal-title":"IEEE Internet Comput."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"10","DOI":"10.1109\/MWC.2015.7224722","article-title":"The quality of experience perspective toward 5G technology","volume":"22","author":"Pierucci","year":"2015","journal-title":"IEEE Wirel. Commun."},{"key":"ref_12","first-page":"2","article-title":"Anonymity and closely related terms in the cyberspace: An analysis by example","volume":"19","author":"Kambourakis","year":"2014","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Lee, C., Zappaterra, L., Choi, K., and Choi, H.A. (2014, January 29\u201331). Securing smart home: Technologies, security challenges, and security requirements. Proceedings of the 2014 IEEE Conference on Communications and Network Security, San Francisco, CA, USA.","DOI":"10.1109\/CNS.2014.6997467"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"11100","DOI":"10.1109\/ACCESS.2017.2710379","article-title":"Secure and Efficient Protocol for Route Optimization in PMIPv6-Based Smart Home IoT Networks","volume":"5","author":"Shin","year":"2017","journal-title":"IEEE Access"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"186","DOI":"10.1016\/j.ins.2018.04.048","article-title":"Secure data uploading scheme for a smart home system","volume":"453","author":"Shen","year":"2018","journal-title":"Inf. Sci."},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Brilli, L., Pecorella, T., Pierucci, L., and Fantacci, R. (2016, January 4\u20138). A Novel 6LoWPAN-ND Extension to Enhance Privacy in IEEE 802.15.4 Networks. Proceedings of the 2016 IEEE Global Communications Conference (GLOBECOM), Washington, DC, USA.","DOI":"10.1109\/GLOCOM.2016.7841523"},{"key":"ref_17","unstructured":"(2011). IEEE Standard for Local and Metropolitan Area Networks\u2014Part 15.4: Low-Rate Wireless Personal Area Networks (LR-WPANs), IEEE Std. IEEE Std 802.15.4-2011 (Revision of IEEE Std 802.15.4-2006)."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"134","DOI":"10.1016\/j.istr.2005.08.001","article-title":"Intrusion Detection Systems and Intrusion Prevention Systems","volume":"10","author":"Fuchsberger","year":"2005","journal-title":"Inf. Secur. Tech. Rep."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Gendreau, A.A., and Moorman, M. (2016, January 22\u201324). Survey of Intrusion Detection Systems towards an End to End Secure Internet of Things. Proceedings of the 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), Vienna, Austria.","DOI":"10.1109\/FiCloud.2016.20"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"52","DOI":"10.1016\/j.comcom.2016.12.001","article-title":"Hybrid of anomaly-based and specification-based IDS for Internet of Things using unsupervised OPF based on MapReduce approach","volume":"98","author":"Bostani","year":"2017","journal-title":"Comput. Commun."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"279","DOI":"10.1109\/TDSC.2016.2614505","article-title":"Don\u2019t fool Me!: Detection, Characterisation and Diagnosis of Spoofed and Masked Events in Wireless Sensor Networks","volume":"14","author":"Illiano","year":"2017","journal-title":"IEEE Trans. Depend. Secur. Comput."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"25","DOI":"10.1016\/j.jnca.2017.02.009","article-title":"A survey of intrusion detection in Internet of Things","volume":"84","author":"Miani","year":"2017","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"2661","DOI":"10.1016\/j.adhoc.2013.04.014","article-title":"SVELTE: Real-time intrusion detection in the Internet of Things","volume":"11","author":"Raza","year":"2013","journal-title":"Ad Hoc Netw."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"15","DOI":"10.1145\/2187671.2187677","article-title":"Processing Flows of Information: From Data Stream to Complex Event Processing","volume":"44","author":"Cugola","year":"2012","journal-title":"ACM Comput. Surv."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"372","DOI":"10.1109\/JIOT.2014.2344013","article-title":"Sybil Attacks and Their Defenses in the Internet of Things","volume":"1","author":"Zhang","year":"2014","journal-title":"IEEE Internet Things J."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"1753897","DOI":"10.1155\/2018\/1753897","article-title":"An Intrusion Detection and Prevention Framework for Internet-Integrated CoAP WSN","volume":"2018","author":"Granjal","year":"2018","journal-title":"Secur. Commun. Netw."},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Pacheco, J., and Hariri, S. (2016, January 12\u201316). IoT Security Framework for Smart Cyber Infrastructures. Proceedings of the 2016 IEEE 1st International Workshops on Foundations and Applications of Self* Systems (FAS*W), Augsburg, Germany.","DOI":"10.1109\/FAS-W.2016.58"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"3953","DOI":"10.1002\/sec.1313","article-title":"Cooperative security management for broadband network environments","volume":"8","author":"Cruz","year":"2015","journal-title":"Secur. Commun. Netw."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Scarfone, K.A., and Mell, P.M. (2007). Guide to Intrusion Detection and Prevention Systems (IDPS), Technical Report SP 800-94.","DOI":"10.6028\/NIST.SP.800-94"},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"113","DOI":"10.1109\/MWC.2014.6882303","article-title":"A network architecture solution for efficient IoT WSN backhauling: Challenges and opportunities","volume":"21","author":"Fantacci","year":"2014","journal-title":"IEEE Wirel. Commun."},{"key":"ref_31","unstructured":"Debar, H., Curry, D., and Feinstein, B. (2018, December 18). The Intrusion Detection Message Exchange Format (IDMEF). Available online: https:\/\/www.rfc-editor.org\/info\/rfc4765."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1109\/2.963441","article-title":"Managing vulnerabilities in networked systems","volume":"34","author":"Martin","year":"2001","journal-title":"Computer"},{"key":"ref_33","unstructured":"(2017, January 03). The Bro Network Security Monitor. Available online: https:\/\/www.bro.org."}],"container-title":["Future Internet"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-5903\/10\/12\/125\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T15:34:54Z","timestamp":1760196894000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-5903\/10\/12\/125"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,12,19]]},"references-count":33,"journal-issue":{"issue":"12","published-online":{"date-parts":[[2018,12]]}},"alternative-id":["fi10120125"],"URL":"https:\/\/doi.org\/10.3390\/fi10120125","relation":{"has-preprint":[{"id-type":"doi","id":"10.20944\/preprints201812.0219.v1","asserted-by":"object"}]},"ISSN":["1999-5903"],"issn-type":[{"value":"1999-5903","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,12,19]]}}}