Robust and Lightweight Authentication for IoT Networks

About the Project

1. Research Background and Motivation
   The Internet of Things (IoT) is rapidly transforming sectors such as healthcare, smart cities, industrial systems, and critical infrastructure. Billions of connected devices continuously sense, process, and exchange data to support intelligent services. However, many of these devices are highly constrained, particularly Class 0 and Class 1 devices, which have extremely limited computational, storage, and energy resources.
   
   Traditional cryptographic mechanisms are often unsuitable for these devices due to their overhead, leading to vulnerabilities such as impersonation, replay, and denial-of-service attacks. To ensure trust, lightweight authentication mechanisms are needed mechanisms that balance strong security with minimal resource consumption. This research will contribute to securing the IoT ecosystem by investigating and designing novel, resource-efficient authentication protocols tailored for constrained environments.
2. Problem Statement
   While existing lightweight security mechanisms (e.g., optimized symmetric-key cryptography, hash-based protocols) have been proposed, they often face challenges in real-world IoT deployments:
   
   • Resource limitations: Many schemes remain too heavy for Class 0/1 devices.
   • Scalability: Authentication in dense networks with hundreds of devices creates overhead.
   • Resilience: Lightweight protocols often lack robustness against modern attack vectors, such as Sybil, replay, and flooding attacks.
   • Interoperability: Standards for constrained networks (e.g., 6LoWPAN, RPL, CoAP) need authentication mechanisms that integrate seamlessly without breaking performance guarantees.
   The gap lies in developing robust, scalable, and truly lightweight authentication approaches that are practically deployable in real IoT scenarios.
3. Research Objectives
   This PhD will aim to:
   • Investigate and evaluate existing lightweight authentication mechanisms in IoT networks, with a focus on Class 0 and Class 1 devices and 6LoWPAN networks.
   • Design and develop novel authentication protocols that minimize computational, communication, and memory costs while ensuring strong security guarantees.
   • Integrate and implement the proposed solutions within widely used IoT network systems (e.g., Contiki-NG, RIOT-OS, or TinyOS).
   • Evaluate performance and security through simulation (e.g., Cooja, NS-3) and testbed experiments on real IoT devices.
   • Demonstrate scalability and robustness against adversarial attacks in realistic IoT scenarios such as smart healthcare, environmental sensing, and industrial IoT.

Academic qualifications
1st degree (minimum 2:1) in Computer Science, Cyber Security or Computer Engineering

English language requirement
IELTS score must be at least 6.5 (with not less than 6.0 in each of the four components). Other, equivalent qualifications will be accepted.

Essential attributes:

• Strong Cyber Security and IoT skills
• Good AI/Machine Learning skills
• Competent in programming
• Good written and oral communication skills
• Strong motivation, with evidence of independent research skills relevant to the project
• Good organisation and time management skills

Desirable attributes:

• Excellent in programming and software testing
• Experience in IoT systems

APPLICATION CHECKLIST

• Completed application form
• CV
• 2 academic references, using the Postgraduate Educational Reference Form (download)
• Research project outline of 2 pages (list of references excluded). The outline may provide details about
  1. Background and motivation of the project. The motivation, explaining the importance of the project, should be supported also by relevant literature. You can also discuss the applications you expect for the project results.
  2. Research questions or objectives.
  3. Methodology: types of data to be used, approach to data collection, and data analysis methods.
  4. List of references.
• Statement no longer than 1 page describing your motivations and fit with the project.
• Evidence of proficiency in English (if appropriate)

To be considered, the application must use

• the advertised title as project title

For informal enquiries about this PhD project, please contact b.ghaleb@napier.ac.uk
Application Enquiries: https://www.napier.ac.uk/research-and-innovation/doctoral-college/application-guidance
Application link: https://evision.napier.ac.uk/si/sits.urd/run/siw_sso.go?ElOlarlItFiG37xnH5PRRBvv3d563wLdwX4JfhYskMa3bJWTuc