Editorial for special issue on security, trust, and privacy in internet of things: Challenges and solutions
International Journal of Network Management (IF 1.5), Pub Date: 2020-12-09, DOI: 10.1002/nem.2150
Weizhi Meng, Piotr Cofta, Tyrone W.A. Grandison

The Internet of Things (IoT) generally encompasses everything connected to the Internet, from simple, lightweight sensors to smartphones, wearables, and other connected embedded systems. By combining these connected devices with automated systems, it becomes feasible to help someone with a particular task, or to learn from a process by collecting and analyzing information from different sources. In industry, sensors on product lines can increase efficiency and cut down on waste. One study estimates that 35% of U.S. manufacturers are already using data from smart sensors within their set‐ups. IoT can make tasks more efficient and save time and money. A Gartner report predicts that more than 20.8 billion IoT devices might be widely used by the end of 2020. However, everything that is connected to the Internet could be hacked, and the same holds for IoT applications. Insecure IoT systems are vulnerable to many threats and exploits. A Symantec report has shown that IoT has become a prime target for cyber‐criminals, with the number of IoT attacks increasing from about 6,000 in 2016 to 50,000 in 2017, nearly a 600% rise in just one year. Thus, there is a significant need to develop more secure and trusted IoT environments. This special issue of IJNM focuses on how to build trust and maintain effective trust management in an IoT environment, and identifies new issues and directions for future research and development work.

In the first contribution entitled “Network traffic identification of several open source secure proxy protocols,” Zhang et al. focused on network traffic classification and aimed to investigate both static and dynamic approaches. They examined the cryptographic protocols and native source code of proxy protocols including Shadowsocks, Gost, VMess, XX‐Net, and GoQuiet to exploit potential flaws. They then performed dynamic analysis using a deep learning approach to validate the results and provide an automatic way to identify potential weaknesses. The experimental results indicated that their model can achieve an accuracy of around 95%.

In the second contribution entitled “Research on adaptive beacon message broadcasting cycle based on vehicle driving stability,” Zhang et al. introduced an adaptive beacon message broadcasting cycle algorithm that adapts the cycle according to vehicle driving stability, i.e., reducing the broadcasting cycle of unstable vehicles and increasing the broadcasting cycle of stable vehicles. In comparison to traditional fixed‐cycle beacon messages, the proposed adaptive transmission algorithm can effectively reduce transmission energy consumption and communication delay and enhance communication quality.

In the third contribution entitled “K‐PSO: An improved PSO‐based container scheduling algorithm for big data applications,” Liu et al. introduced an improved Kubernetes container scheduling algorithm called Kubernetes‐based particle swarm optimization (K‐PSO). In the pre‐selection stage, they optimized the CPU and memory restriction strategy of the node to the pod. In the optimization stage, they considered the CPU/memory of the node and the characteristic factors of the user application. Their results indicate that the K‐PSO algorithm can improve scheduling by about 20% compared with other strategies without degrading computing performance.

In the fourth contribution entitled “Privacy‐preserving cloud‐fog–based traceable road condition monitoring in VANET,” Wang et al. proposed an efficient privacy‐preserving cloud‐fog–based traceable road condition monitoring scheme using certificateless aggregate signcryption, in which the vehicle can signcrypt the message and upload it to the roadside unit (RSU), which acts as a fog server. They used a trace authority (TRA) to create pseudonyms for vehicles and to trace the true identity of a vehicle when incorrect road condition information causes trouble. The combined cloud and fog server can reduce the lag time of serving the end user.

In the fifth contribution entitled “Research on scheduling method based on traffic matrix for IoT security,” Cao et al. introduced a dynamic traffic scheduling of server cluster (DTSSC) model, which is built on SDN to balance the server load in a computation cluster. This model is based on the simple intuition that a newly received request should be handled by the server with the maximal computation resource or should be derived from more basic raw measurements of the computation nodes across the network. As a result, the load ratios of all servers reach a similar level, improving the reliability and scalability of the IoT.

In the next contribution entitled “Security and trust preserving inter‐ and intra‐cloud VM migrations,” Aslam et al. extended the secure VM migration solution without compromising the security level and user‐defined trust level on the platform by introducing a trust credential called Trust_Token. They used Trusted Platform Module (TPM) capabilities to securely migrate a user VM with assurance that it is hosted only on trustworthy cloud platforms. They also analyzed the security properties using the Tamarin protocol verification tool and found that it would be safe under the Dolev‐Yao adversary model.

In the next contribution entitled “A fog‐based collaborative intrusion detection framework for smart grid,” Li et al. introduced a fog‐based collaborative intrusion detection framework (CIDS) to enhance detection performance and efficiency in smart grids (SG). A node consists of several key components: a collaboration component, a trust management component, an IDS component with a detector, a rule database and a normal profile, and a P2P communication component. The framework contains four layers: cloud layer, fog layer, CIDS layer, and SG layer. They conducted an experiment in collaboration with a grid service provider and an IT company. The results demonstrated that the framework can improve detection efficiency, with improvements ranging from 21% to 39% and from 24% to 43% for two internal attack scenarios and from 29% to 45% for an external attack scenario, respectively.

In the last contribution entitled “Secure grid‐based density peaks clustering on hybrid cloud for industrial IoT,” Sun et al. introduced a secure grid‐based density peaks clustering algorithm (SGBDPC) on a hybrid cloud for IIoT big data using grids to lower density samples and quickly find cluster centers. The client encrypts the private data using a homomorphic encryption scheme and then uploads the ciphertext to the cloud service side. The evaluation on four datasets demonstrated its accuracy and efficiency.

On the whole, the special issue papers cover a broad range of research on security, privacy, and trust on IoT and discuss various security threats and potential solutions. The team of guest editors would like to thank Editor‐in‐Chief James Won‐Ki Hong and Associate Editor‐in‐Chief Lisandro Zambenedetti Granville for their great support, as well as the paper authors and the reviewers for their contributions.

DATA AVAILABILITY STATEMENT

Data sharing not applicable to this article as no datasets were generated or analyzed during the current study.




Updated: 2020-12-09