As the number of Internet of Things (IoT) devices increases, securing IoT communication protocols becomes critical. Due to the resource constraints of IoT networks, these protocols are particularly vulnerable to cyberattacks. Traditional security measures often fail to address the unique challenges posed by IoT communication, highlighting the need for specialized solutions. This research evaluates security vulnerabilities in key IoT communication protocols: MQTT, CoAP, and XMPP by identifying their strengths and weaknesses in handling various attack scenarios. A practical comparison is made for MQTT, examining the impact of using Transport Layer Security (TLS) on its security, while for XMPP, a theoretical comparison for using JSON Web Token (JWT) authentication is conducted. Additionally, the study explores the use of JWT in combination with a complementary nonce-based solution to enhance security and protect against inadequately addressed attacks in CoAP. The findings offer valuable insights that contribute to the development of more secure implementations for the three IoT communication protocols.

The National Contact Center (NCC) in the Kingdom of Bahrain serves as a pivotal platform for government clients to voice inquiries, requests, suggestions, and complaints regarding various government services. This paper introduces a secure platform for an Intelligent Agent (IA) named “Ali”. It is driven by Artificial Intelligence, engages in conversational interactions with e-Government customers. The platform incorporates Natural Language Processing (NLP) and Deep Learning (DL) to train the IA in understanding queries and formulating responses through Natural Language Generation (NLG). Ali is tasked with addressing incoming calls and executing various functions such as answering questions, executing actions, integrating with call center systems like Client Relationship Management (CRM), directing inquiries to appropriate government departments, completing forms, and scheduling appointments. The platform is tailored for a Bahraini IA proficient in Arabic and English, equipped with intelligent capabilities. To ensure customer privacy and security and to comply with Bahrain’s laws and regulations, the platform boasts a comprehensive security framework covering all aspects of security layers, network security, storage security, operating system security, system software and application security, data security, identity and access management, and service level agreements. This research delves into the architecture of conversational AI and the Machine Learning (ML), Deep Learning (DL), Natural Language Processing (NLP), Natural Language Understanding (NLU), and Natural Language Generation (NLG) components that collaborate to enable the IA’s functionality. The proposed project entails the development of an Intelligent Agent Framework in partnership with the Information and eGovernment Authority (iGA). The initiative involves initiating the IA project, delineating its scope, planning its phases, designing the solution architecture and requirements, and establishing security requirements for the chosen cloud model.

Despite the significant benefits that the Internet of Healthcare Things (IoHT) offered to the medical sector, there are concerns and risks regarding these systems which can delay their wide deployment as they handle sensitive, and often life-critical medical information. In addition to the IoHT concerns and risks, there are security constraints which include hardware, software, and network constraints that pose a security challenge to these systems. Therefore, security measures need to be deployed that can overcome the concerns, mitigate the risks, and meet the constraints of the IoHT. For these reasons, a subclasses intrusion detection system for the IoHT is proposed in this research work based on a novel variation of the standard One-class Support Vector Machine (OSVM), namely Deep Subclass Dispersion One-class Support Vector Machine (Deep SDOSVM), which considers subclasses in the target class, i.e. normal class, in order to minimize the data dispersion within and between subclasses, thereby improving the discriminative power and classification performance of the intrusion detection system. A deep clustering model is used for subclasses generation in the proposed Deep SDOSVM approach, namely the Dynamic Autoencoder Model (DynAE), to overcome the drawbacks of the classical clustering algorithms, and further enhance the classification performance of the intrusion detection system. The proposed deep clustering subclasses intrusion detection system was evaluated on the real-world TON_IoT dataset, and compared to other state-of-the-art one-class classifiers. Experimentation results showed that the proposed approach outperformed the other relevant one-class classifiers for network intrusion detection.