Out of Kilter: Holistic Exploitation of Denial of Service in Internet of Things

2018 ◽  
pp. 43-52 ◽  
Author(s):  
Suhas Setikere ◽  
Vinay Sachidananda ◽  
Yuval Elovici
Keyword(s):  
Internet Of Things ◽  
Denial Of Service

Proposed Back Propagation Deep Neural Network for Intrusion Detection in Internet of Things Fog Computing

2021 ◽  
Vol 9 (4) ◽  
pp. 464-469
Keyword(s):  
Cloud Computing ◽  
Internet Of Things ◽  
Intrusion Detection ◽  
Fog Computing ◽  
Denial Of Service ◽  
Back Propagation ◽  
Security And Privacy ◽  
Brute Force ◽  
Iot Platform ◽  
Proposed Model

Internet of things (IoT) is an emerging concept which aims to connect billions of devices with each other anytime regardless of their location. Sadly, these IoT devices do not have enough computing resources to process huge amount of data. Therefore, Cloud computing is relied on to provide these resources. However, cloud computing based architecture fails in applications that demand very low and predictable latency, therefore the need for fog computing which is a new paradigm that is regarded as an extension of cloud computing to provide services between end users and the cloud user. Unfortunately, Fog-IoT is confronted with various security and privacy risks and prone to several cyberattacks which is a serious challenge. The purpose of this work is to present security and privacy threats towards Fog-IoT platform and discuss the security and privacy requirements in fog computing. We then proceed to propose an Intrusion Detection System (IDS) model using Standard Deep Neural Network's Back Propagation algorithm (BPDNN) to mitigate intrusions that attack Fog-IoT platform. The experimental Dataset for the proposed model is obtained from the Canadian Institute for Cybersecurity 2017 Dataset. Each instance of the attack in the dataset is separated into separate files, which are DoS (Denial of Service), DDoS (Distributed Denial of Service), Web Attack, Brute Force FTP, Brute Force SSH, Heartbleed, Infiltration and Botnet (Bot Network) Attack. The proposed model is trained using a 3-layer BP-DNN

scholarly journals Mathematical model on distributed denial of service attack through Internet of things in a network

2019 ◽  
Vol 8 (1) ◽  
pp. 486-495 ◽  
Author(s):  
Bimal Kumar Mishra ◽  
Ajit Kumar Keshri ◽  
Dheeresh Kumar Mallick ◽  
Binay Kumar Mishra
Keyword(s):  
Mathematical Model ◽  
Internet Of Things ◽  
Equilibrium Points ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Denial Of Service Attack ◽  
Different Types ◽  
Service Attack ◽  
Iot Devices

Abstract Internet of Things (IoT) opens up the possibility of agglomerations of different types of devices, Internet and human elements to provide extreme interconnectivity among them towards achieving a completely connected world of things. The mainstream adaptation of IoT technology and its widespread use has also opened up a whole new platform for cyber perpetrators mostly used for distributed denial of service (DDoS) attacks. In this paper, under the influence of internal and external nodes, a two - fold epidemic model is developed where attack on IoT devices is first achieved and then IoT based distributed attack of malicious objects on targeted resources in a network has been established. This model is mainly based on Mirai botnet made of IoT devices which came into the limelight with three major DDoS attacks in 2016. The model is analyzed at equilibrium points to find the conditions for their local and global stability. Impact of external nodes on the over-all model is critically analyzed. Numerical simulations are performed to validate the vitality of the model developed.

scholarly journals Assessing Impacts of 5th Generation (5G) Cellular Telecommunications on Internet of Things (IoT) Deployments

2020 ◽  
Vol 4 (2) ◽  
Author(s):  
Michael Love ◽  
Marwan Jamal
Keyword(s):  
Internet Of Things ◽  
Denial Of Service ◽  
Holistic Approach ◽  
Chief Information Officer ◽  
Superior Performance ◽  
Cellular Transport ◽  
Government Accountability ◽  
Business Services ◽  
High Bandwidth ◽  
The Internet Of Things

The Internet of Things (IoT) is emerging as a primary enabler of the transformation to digital business services in today’s economy. At the same time, 5th Generation (5G) cellular transport technology is emerging as a viable means to support IoT data requirements. Although 5G is still in its infancy, DoD leaders need to understand the impacts that 5G will have on IoT projects as there are several challenges involved with integrating 5G into IoT. In order to achieve the maximum benefits of high bandwidth, low latency and superior performance, an entirely new grid of cell sites and access units must be installed. A second challenge is with malware and intrusion attacks. 5G is an IP-based network technology that will expose 5G connected devices to common IP-based malware and intrusion risks such as denial-of-service (DOS and DDOS) and intrusion attacks. A third challenge is with standardized security and encryption of data from end-devices. The larger challenge with standardization involves interoperability. In order for 5G to work seamlessly across carriers with device agnostic hardware and compatible software, a holistic approach should be considered. Hardware compatibility will determine interoperability between sensors, platforms and gateways. In addition, software compatibility will be governed by 5G standards as well as industry partnerships. 5G standards are currently still being developed. Organizations, including the DoD Chief Information Officer and Government Accountability Office should specifically address implications of 5G cellular technology for IoT-related studies and use cases in the DoD.

scholarly journals Recent Advancements in Intrusion Detection Systems for the Internet of Things

2019 ◽  
Vol 2019 ◽  
pp. 1-19 ◽  
Author(s):  
Zeeshan Ali Khan ◽  
Peter Herrmann
Keyword(s):  
Internet Of Things ◽  
Intrusion Detection ◽  
Ad Hoc ◽  
Denial Of Service ◽  
Research Work ◽  
Intrusion Detection Systems ◽  
Future Research ◽  
Detection Systems ◽  
Iot Applications ◽  
Iot Devices

Many Internet of Things (IoT) systems run on tiny connected devices that have to deal with severe processor and energy restrictions. Often, the limited processing resources do not allow the use of standard security mechanisms on the nodes, making IoT applications quite vulnerable to different types of attacks. This holds particularly for intrusion detection systems (IDS) that are usually too resource-heavy to be handled by small IoT devices. Thus, many IoT systems are not sufficiently protected against typical network attacks like Denial-of-Service (DoS) and routing attacks. On the other side, IDSs have already been successfully used in adjacent network types like Mobile Ad hoc Networks (MANET), Wireless Sensor Networks (WSN), and Cyber-Physical Systems (CPS) which, in part, face limitations similar to those of IoT applications. Moreover, there is research work ongoing that promises IDSs that may better fit to the limitations of IoT devices. In this article, we will give an overview about IDSs suited for IoT networks. Besides looking on approaches developed particularly for IoT, we introduce also work for the three similar network types mentioned above and discuss if they are also suitable for IoT systems. In addition, we present some suggestions for future research work that could be useful to make IoT networks more secure.

scholarly journals SlowTT: A Slow Denial of Service against IoT Networks

Information ◽  
2020 ◽  
Vol 11 (9) ◽  
pp. 452
Author(s):  
Ivan Vaccari ◽  
Maurizio Aiello ◽  
Enrico Cambiaso
Keyword(s):  
Internet Of Things ◽  
Denial Of Service ◽  
Computational Power ◽  
Message Queue ◽  
Denial Of Service Attack ◽  
Research Activities ◽  
Cyber Threat ◽  
Service Attack ◽  
Long Time ◽  
Low Rate

The security of Internet of Things environments is a critical and trending topic, due to the nature of the networks and the sensitivity of the exchanged information. In this paper, we investigate the security of the Message Queue Telemetry Transport (MQTT) protocol, widely adopted in IoT infrastructures. We exploit two specific weaknesses of MQTT, identified during our research activities, allowing the client to configure the KeepAlive parameter and MQTT packets to execute an innovative cyber threat against the MQTT broker. In order to validate the exploitation of such vulnerabilities, we propose SlowTT, a novel “Slow” denial of service attack aimed at targeting MQTT through low-rate techniques, characterized by minimum attack bandwidth and computational power requirements. We validate SlowTT against real MQTT services, by considering both plaintext and encrypted communications and by comparing the effects of the attack when targeting different application daemons and protocol versions. Results show that SlowTT is extremely successful, and it can exploit the identified vulnerability to execute a denial of service against the IoT network by keeping the connection alive for a long time.

scholarly journals SlowITe, a Novel Denial of Service Attack Affecting MQTT

Sensors ◽  
2020 ◽  
Vol 20 (10) ◽  
pp. 2932
Author(s):  
Ivan Vaccari ◽  
Maurizio Aiello ◽  
Enrico Cambiaso
Keyword(s):  
Internet Of Things ◽  
Denial Of Service ◽  
The Internet ◽  
Message Queue ◽  
Plain Text ◽  
Denial Of Service Attack ◽  
Service Attack ◽  
Iot Devices ◽  
The Internet Of Things ◽  
Low Rate

Security of the Internet of Things is a crucial topic, due to the criticality of the networks and the sensitivity of exchanged data. In this paper, we target the Message Queue Telemetry Transport (MQTT) protocol used in IoT environments for communication between IoT devices. We exploit a specific weakness of MQTT which was identified during our research, allowing the client to configure the behavior of the server. In order to validate the possibility to exploit such vulnerability, we propose SlowITe, a novel low-rate denial of service attack aimed to target MQTT through low-rate techniques. We validate SlowITe against real MQTT services, considering both plain text and encrypted communications and comparing the effects of the threat when targeting different daemons. Results show that the attack is successful and it is able to exploit the identified vulnerability to lead a DoS on the victim with limited attack resources.

Sign in / Sign up

Export Citation Format

Share Document