SerIoT Innovations

Overview of SerIoT innovations

SerIoT aims to provide a security solution for IoT platforms to solve specific problems, composed by some main innovations:

SDN Infrastructure

The aim of SerIoT is to develop new methods of ensuring security in IoT-centric networks based on Softwared Defined Networking (SDN) technology.

routing engine, working in the environment created by an SDN layered architecture, will combine not only security but also QoS and energy usage data, to find the routing paths for streams of IoT data, which are safe, efficient and reasonable from economy and ecology point of view.

The smart routing solution will be immersed in the Software Defined Network environment, which makes the control of the network easier than ever before. Being able to estimate security level, quality of service and energy efficiency of every traffic flow, we expect to achieve high quality routing decisions, and thanks to use of Random Neural Networks, the data paths will be calculated fast, making the whole system able to react quickly to rapid changes of conditions, e.g. as observed at the start of a network attack.

Work on new routing solutions will be accompanied by the development of methods of anomaly detection in IoT network traffic, used by monitoring & mitigation units.

As result, we expect to rise the security and safety level of IoT devices and their data to a new level.(Please, find more information here:

Innovation presentation: Cognitive Packet Network with Software Defined Networks using the Random Neural Network

Innovation presentation: SerIoT Fog Substrate and SDN Security

Innovation presentation: Autopolicy module

Innovation presentation: SerIoT Policy Based Framework

Innovation presentation: SerIoT Device Identity Manager

Innovation presentation: Formal Verification

Innovation presentation: Penetration testing module

Cross-layered anomaly detection framework

Artificial Intelligence techniques has been used for fast and accurate detection of irregular network traffic patterns, enabling early attack detection or mitigation of its consequences or even overcoming equipment’s physical deficiency. The Cross-Layer anomaly detection framework comprises two main components, the multi-agent Anomaly Detection (AD) and the L-ADS (Light-weight Anomaly Detection System).

 Both modules offer complementary performance deploying Machine LearningArtificial Intelligence and Graph Neural Network (GNN) technologies, attempting to detect network anomalies.

The most significant features of the multi-agent AD system are:

  1. Local monitoring of network nodes and their attached devices exploiting the underlying graph structure of the IoT network. 
  2. Accommodation of the complexity of IoT networks while representing the devices’ interconnections in a formative, visual manner, suitable for various IoT application areas.
  3. Distributed anomaly detection ensuring lower bandwidth and power consumption measurements, also addressing the distributed nature of attack patterns with high detection accuracy.
  4. Introduction of the GNNs in the area of anomaly detection in IoT networking ecosystems.

Furthermore, the L-ADS functionality includes:

i.  Training and model generation: use of the stored traffic data to train and generate detection models ii. Monitoring and prediction: monitors and evaluates in near real time the received traffic flow, and triggers alarms and warning messages in case of anomalous traffic detection.

Innovation presentation: Multi-agent anomaly detection module

Mitigation Engine

This component provides mitigation actions against threats or when an attack to the network is detected, based on AI and more specifically Pointer Deep Neural Networks. The main functionality of this component is to automatically decide and deploy appropriate mitigation actions against attacks. Additionally, the system operator can manually add mitigation actions. Finally, the Hypothesis Testing subcomponent allows the system operator to ascertain if a set of modified mitigation actions applied to the system are different than the existing mitigation actions in terms of cybersecurity KPI values.

Innovation presentation: SerIoT Unsupervised IoT-ready Engine for threat mitigation

Innovation presentation: Hypothesis testing module

Innovation presentation: Traffic Generator and Detector of malicious traffic

Video explanation of traffic generator and malicious traffic detection

Virtualized Honeypot for Network Traffic Analysis and Anomaly Detection

SerIoT will develop and implement the concept of virtualized self-cognitive IoT honeypots for IoT traffic analysis and anomalies detection. The honeypots will resemble the behaviour of regular devices (IoT devices, Routers, Gateways) while enabling the acquisition of large amount of high-value data of anomalous activities without compromising the IoT ecosystem operation.(Please, find more information here:


Besides, there is a myriad of added-value components that can customize this basic package in order to solve specific IoT security problems. As example, within SerIoT it has been created 4 different Use Cases which use different SerIoT components configuration to provide adhoc solutions.

UC1 Surveillance
Scenarios under the umbrella of public transport (public trolley-buses) where the gathering of large amounts of people and high value goods, as well as vehicles moving along, all lead to risks.
UC2 ITS in Smart CitiesApplications in Intelligent Transport Systems (ITS) integrated in the wider context of Smart City, implemented in vehicles, transportation infrastructures or mobile devices.
UC3 Flexible ManufacturingMonitoring and detection of physical attacks to wireless sensor networks in the context of the Industry 4.0
UC4 Food ChainControl the food transportation conditions and environment parameters in order to have a better control of the vegetables and fruits quality during transportation periods.

(Please, find more information here: