A Generalized Comprehensive Security Architecture Framework for IoT Applications Against Cyber-Attacks

2021 ◽  
pp. 455-471
Author(s):  
M. Nakkeeran ◽  
Senthilkumar Mathi
Keyword(s):  
Cyber Attacks ◽  
Security Architecture ◽  
Iot Applications ◽  
Architecture Framework

scholarly journals Hybrid Network Defense Model Based on Fuzzy Evaluation

2014 ◽  
Vol 2014 ◽  
pp. 1-12 ◽  
Author(s):  
Ying-Chiang Cho ◽  
Jen-Yi Pan
Keyword(s):  
Network Security ◽  
Test Subject ◽  
Cyber Attacks ◽  
Hybrid Network ◽  
Security Architecture ◽  
Fuzzy Evaluation ◽  
Distributed Network ◽  
Network Defense ◽  
Security Technologies ◽  
Defense Model

With sustained and rapid developments in the field of information technology, the issue of network security has become increasingly prominent. The theme of this study is network data security, with the test subject being a classified and sensitive network laboratory that belongs to the academic network. The analysis is based on the deficiencies and potential risks of the network’s existing defense technology, characteristics of cyber attacks, and network security technologies. Subsequently, a distributed network security architecture using the technology of an intrusion prevention system is designed and implemented. In this paper, first, the overall design approach is presented. This design is used as the basis to establish a network defense model, an improvement over the traditional single-technology model that addresses the latter’s inadequacies. Next, a distributed network security architecture is implemented, comprising a hybrid firewall, intrusion detection, virtual honeynet projects, and connectivity and interactivity between these three components. Finally, the proposed security system is tested. A statistical analysis of the test results verifies the feasibility and reliability of the proposed architecture. The findings of this study will potentially provide new ideas and stimuli for future designs of network security architecture.

scholarly journals Preventing MQTT Vulnerabilities Using IoT-Enabled Intrusion Detection System

Sensors ◽  
2022 ◽  
Vol 22 (2) ◽  
pp. 567
Author(s):  
Muhammad Husnain ◽  
Khizar Hayat ◽  
Enrico Cambiaso ◽  
Ubaid U. Fayyaz ◽  
Maurizio Mongelli ◽  
...  
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Communication Protocol ◽  
Detection System ◽  
Communication Technologies ◽  
Cyber Attacks ◽  
Iot Security ◽  
Iot Applications ◽  
Iot Devices ◽  
Main Component

The advancement in the domain of IoT accelerated the development of new communication technologies such as the Message Queuing Telemetry Transport (MQTT) protocol. Although MQTT servers/brokers are considered the main component of all MQTT-based IoT applications, their openness makes them vulnerable to potential cyber-attacks such as DoS, DDoS, or buffer overflow. As a result of this, an efficient intrusion detection system for MQTT-based applications is still a missing piece of the IoT security context. Unfortunately, existing IDSs do not provide IoT communication protocol support such as MQTT or CoAP to validate crafted or malformed packets for protecting the protocol implementation vulnerabilities of IoT devices. In this paper, we have designed and developed an MQTT parsing engine that can be integrated with network-based IDS as an initial layer for extensive checking against IoT protocol vulnerabilities and improper usage through a rigorous validation of packet fields during the packet-parsing stage. In addition, we evaluate the performance of the proposed solution across different reported vulnerabilities. The experimental results demonstrate the effectiveness of the proposed solution for detecting and preventing the exploitation of vulnerabilities on IoT protocols.

Sign in / Sign up

Export Citation Format

Share Document