Probe Delay Based Adaptive Port Scanning for IoT Devices with Private IP Address Behind NAT

Many home IoT devices are joining IoT networks by gaining access to some home gateway that configures smart, multimedia, and home networks. To enable secure IoT-based home networking services, (1) an IoT network should be effectively designed and configured with a IoT server, (2) a messaging protocol is required to exchange information between the IoT server and IoT devices, and (3) the home gateway should monitor all safety aspects in both inbound and outbound traffic of the home network. However, not all home network users put in consideration the need for an adequate security posture. Instead, many users still rely on the minimum home network security by setting an easiest-to-guess password to restrict unauthorized access to their home gateway. In this paper, we propose a network design and configuration that enables secure IoT services with MQTT messaging protocol for home networks. With the proposed network design, a home network is interconnected to external networks through a home gateway. To separate the IoT-subnet from other parts of home network, the home gateway subdivides a home network into an inside-subnet and an IoT-subnet with a private IP address using subnet masking. The IoT server, located in the IoT-subnet can be implemented with either a general HTTP server or a security server that acts as an MQTT broker. The secure communications among network entities are governed by a home gateway operating a well-configured extended access control. The effectiveness of the proposed design and configuration is verified through a simulation by showing that it does not impose any significant performance degradation for reinforced security. We expect the proposed configuration to help facilitate interconnection among heterogeneous network entities.

Download Full-text

Virtual IP-Based Secure Gatekeeper System for Internet of Things

Sensors ◽

10.3390/s21010038 ◽

2020 ◽

Vol 21 (1) ◽

pp. 38

Author(s):

Younchan Jung ◽

Ronnel Agulto

Keyword(s):

Internet Of Things ◽

Autonomous Vehicles ◽

Ip Address ◽

Address Mapping ◽

User Terminal ◽

Address Translation ◽

Iot Devices ◽

Pass Through ◽

Self Driving Cars ◽

Mapping Information

The advantage of using the Network Address Translation device is that the internal IP address, which makes the IP address space of Internet of Things (IoT) devices expanded, is invisible from the outside and safe from external attacks. However, the use of these private IPv4 addresses poses traversal problems, especially for the mobile IoTs to operate peer-to-peer applications. An alternative solution is to use IPv6 technologies for future IoT devices. However, IPv6 package, including IPSec, is too complex to apply to the IoT device because it is a technology developed for the user terminal with enough computing power. This paper proposes a gatekeeper to enable the real IP addresses of IoTs inside the same subnetwork to be not explicitly addressable and visible from outside of the gatekeeper. Each IoT device publishes its virtual IP address via the Registrar Server or Domain Name System (DNS) with which the gatekeeper shares the address mapping information. While the gatekeeper maintains the mapping information for the local IoT devices, the registration server or DNS has global address mapping information so that any peer can reach the mapping information. All incoming and outgoing packets must pass through the gatekeeper responsible for the address conversion and security checks for them from the entrance. This paper aims to apply our gatekeeper system to a platform of self-driving cars that allows surrounding IoT cameras and autonomous vehicles to communicate with each other securely, safely, and rapidly. So, this paper finally analyzes improvement effects on latency to show that our gatekeeper system guarantees the latency goal of 20 ms under the environment of 5G links.

Download Full-text

Forensik Internet Of Things pada Device Level berbasis Embedded System

Jurnal Teknologi Informasi dan Ilmu Komputer ◽

10.25126/jtiik.2019661828 ◽

2019 ◽

Vol 6 (6) ◽

pp. 703

Author(s):

Eri Haryanto ◽

Imam Riadi

Keyword(s):

Internet Of Things ◽

Embedded System ◽

Smart Home ◽

Forensic Analysis ◽

Smart Device ◽

Ip Address ◽

Cloud Server ◽

Iot Devices ◽

Internet Networks ◽

The Internet Of Things

Perangkat Internet of Things (IoT) merupakan perangkat cerdas yang memiliki interkoneksi dengan jaringan internet global. Investigasi kasus yang menyangkut perangkat IoT akan menjadi tantangan tersendiri bagi investigator forensik. Keberagaman jenis perangkat dan teknologi akan memunculkan tantangan baru bagi investigator forensik. Dalam penelitian ini dititikberatkan forensik di level internal device perangkat IoT. Belum banyak bahkan belum penulis temukan penelitian sejenis yang fokus dalam analisis forensik perangkat IoT pada level device. Penelitian yang sudah dilakukan sebelumnya lebih banyak pada level jaringan dan level cloud server perangkat IoT. Pada penelitian ini dibangun environment perangkat IoT berupa prototype smart home sebagai media penelitian dan kajian tentang forensik level device. Pada penelitian ini digunakan analisis model forensik yang meliputi collection, examination, analysis, dan reporting dalam investigasi forensik untuk menemukan bukti digital. Penelitian ini berhasil mengungkap benar-benar ada serangan berupa injeksi malware terhadap perangkat IoT yang memiliki sistem operasi Raspbian, Fedberry dan Ubuntu Mate. Pengungkapan fakta kasus mengalami kesulitan pada perangkat IoT yang memiliki sistem operasi Kali Linux. Ditemukan 1 IP Address komputer penyerang yang diduga kuat menanamkan malware dan mengganggu sistem kerja perangkat IoT.AbstractThe Internet of Things (IoT) is an smart device that has interconnection with global internet networks. Investigating cases involving IoT devices will be a challenge for forensic investigators. The diversity of types of equipment and technology will create new challenges for forensic investigators. In this study focused on forensics at the IoT device's internal device level, there have not been many similar research that focuses on forensic analysis of IoT devices at the device level. Previous research has been done more at the network level and cloud level of IoT device's. In this study an IoT environment was built a smart home prototype as a object for research and studies on forensic level devices. This study, using forensic model analysis which includes collection, examination, analysis, and reporting in finding digital evidence. This study successfully revealed that there was really an attack in the form of malware injection against IoT devices that have Raspbian, Fedberry and Ubuntu Mate operating systems. Disclosure of the fact that the case has difficulties with IoT devices that have the Kali Linux operating system. Found 1 IP Address of an attacker's computer that is allegedly strongly infusing malware and interfering with the work system of IoT devices.

Download Full-text

A Malware Distribution Simulator for the Verification of Network Threat Prevention Tools

Sensors ◽

10.3390/s21216983 ◽

2021 ◽

Vol 21 (21) ◽

pp. 6983

Author(s):

Song-Yi Hwang ◽

Jeong-Nyeo Kim

Keyword(s):

Denial Of Service ◽

Malicious Code ◽

The Internet ◽

Simulation Tool ◽

Distributed Denial Of Service ◽

Network Access ◽

Ip Address ◽

Network Equipment ◽

Low Performance ◽

Iot Devices

With the expansion of the Internet of Things (IoT), security incidents about exploiting vulnerabilities in IoT devices have become prominent. However, due to the characteristics of IoT devices such as low power and low performance, it is difficult to apply existing security solutions to IoT devices. As a result, IoT devices have easily become targets for cyber attackers, and malware attacks on IoT devices are increasing every year. The most representative is the Mirai malware that caused distributed denial of service (DDoS) attacks by creating a massive IoT botnet. Moreover, Mirai malware has been released on the Internet, resulting in increasing variants and new malicious codes. One of the ways to mitigate distributed denial of service attacks is to render the creation of massive IoT botnets difficult by preventing the spread of malicious code. For IoT infrastructure security, security solutions are being studied to analyze network packets going in and out of IoT infrastructure to detect threats, and to prevent the spread of threats within IoT infrastructure by dynamically controlling network access to maliciously used IoT devices, network equipment, and IoT services. However, there is a great risk to apply unverified security solutions to real-world environments. In this paper, we propose a malware simulation tool that scans vulnerable IoT devices assigned a private IP address, and spreads malicious code within IoT infrastructure by injecting malicious code download command into vulnerable devices. The malware simulation tool proposed in this paper can be used to verify the functionality of network threat detection and prevention solutions.

Download Full-text

Implementation of ARP Spoofing for IOT Devices Using Cryptography AES and ECDSA Algorithms

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.b1363.0982s1119 ◽

2019 ◽

Vol 8 (2S11) ◽

pp. 2889-2893

Keyword(s):

Internet Of Things ◽

Denial Of Service ◽

Media Access Control ◽

Media Access ◽

Ip Address ◽

Digital Signature Algorithm ◽

Address Resolution Protocol ◽

Man In The Middle ◽

Arp Spoofing ◽

Iot Devices

The Internet of Things is the network of numerous devices and communicate with an internet by using the IP address. The IOT objects shares the information using wireless connection. During the data transmission, that can be distorted by the Hackers by knowing their IP address. In IOT (Internet of Things), the wireless communication between the devices makes the users to be vulnerable. So, the hackers may spoof the MAC address of the communicating devices. The receiver MAC address is identified and then false MAC (Media Access Control) address is created by the hacker. Then, attackers replaces the original MAC address in the ARP (Address Resolution Protocol) table of the sender. So,the hackers may impersonate like the sender. Therefore, Cryptographic algorithms like AES (Advanced Encryption Standard) for confidentiality and ECDSA (Elliptic Curve Digital Signature Algorithm) for Authentication are applied in the proposed algorithm to safeguard the data as well as the devices from the hackers. The following attacks such as Man-in-the-Middle, Denial -of -Service (DOS) and ARP spoofing are strongly prevented in the proposed algorithm. Thus, the implementation of an algorithm is carried out in Ubuntu Linux environment with installing Python dependencies. This algorithm affords an efficient way to thwart ARP (Address Resolution Protocol) spoofing by the hackers for IOT devices.

Download Full-text

Internet of Things and the Role of Wireless Sensor Networks in IoT

Advances in Environmental Engineering and Green Technologies - Smart Agricultural Services Using Deep Learning, Big Data, and IoT ◽

10.4018/978-1-7998-5003-8.ch006 ◽

2021 ◽

pp. 113-127

Author(s):

Sunita Gupta ◽

Sakar Gupta

Keyword(s):

Wireless Sensor Networks ◽

Sensor Networks ◽

Internet Of Things ◽

Smart Phones ◽

Wireless Sensor ◽

Ip Address ◽

Exchange Information ◽

Iot Devices

Internet of things (IoT) is a network of connected devices that work together and exchange information. In IoT, things or devices means any object with its own IP address that is able to connect to a network and can send and receive using internet. Examples of IoT devices are computers, laptops, smart phones, and objects that are operational with chips to collect and correspond data over a network. The range of internet of things devices is huge. Consumers use smart phones to correspond with IoT devices.

Download Full-text

Security with IP Address Assignment and Spoofing for Smart IOT Devices

2018 International Conference on Advances in Computing, Communications and Informatics (ICACCI) ◽

10.1109/icacci.2018.8554660 ◽

2018 ◽

Cited By ~ 3

Author(s):

S Rajashree ◽

K S Soman ◽

Pritam Gajkumar Shah

Keyword(s):

Ip Address ◽

Iot Devices

Download Full-text

Heuristic vs Metaheuristic Method: Improvement of Spoofed Fingerprint Identification in IoT Devices

International Review on Modelling and Simulations (IREMOS) ◽

10.15866/iremos.v12i3.17330 ◽

2019 ◽

Vol 12 (3) ◽

pp. 168

Author(s):

Guruh Fajar Shidik ◽

Edi Jaya Kusuma ◽

Safira Nuraisha ◽

Pulung Nurtantio Andono

Keyword(s):

Fingerprint Identification ◽

Iot Devices ◽

Method Improvement

Download Full-text

APLIKASI PENCARI INFORMASI PERMINTAAN LAYANAN WEB YANG ERROR MENGGUNAKAN ALGORITMA BOYER-MOORE

Unes journal of Information System ◽

10.31933/ujis.1.1.001-010.2016 ◽

2016 ◽

Vol 1 (1) ◽

pp. 001

Author(s):

Harry Setya Hadi

Keyword(s):

Data Storage ◽

Computer Network ◽

Web Server ◽

Access Methods ◽

Ip Address ◽

String Searching ◽

Common Process ◽

Web Server Logs ◽

Different Parts ◽

The Web

String searching is a common process in the processes that made the computer because the text is the main form of data storage. Boyer-Moore is the search string from right to left is considered the most efficient methods in practice, and matching string from the specified direction specifically an algorithm that has the best results theoretically. A system that is connected to a computer network that literally pick a web server that is accessed by multiple users in different parts of both good and bad aim. Any activity performed by the user, will be stored in Web server logs. With a log report contained in the web server can help a web server administrator to search the web request error. Web server log is a record of the activities of a web site that contains the data associated with the IP address, time of access, the page is opened, activities, and access methods. The amount of data contained in the resulting log is a log shed useful information.

Download Full-text

Bringing Security to The Smallest Embedded Systems

10.34048/2017.1.f5 ◽

2017 ◽

Author(s):

JOSEPH YIU

Keyword(s):

Internet Of Things ◽

Embedded Systems ◽

Low Cost ◽

Security Requirements ◽

The Internet ◽

Security Measures ◽

Significant Challenge ◽

Iot Devices

The increasing need for security in microcontrollers Security has long been a significant challenge in microcontroller applications(MCUs). Traditionally, many microcontroller systems did not have strong security measures against remote attacks as most of them are not connected to the Internet, and many microcontrollers are deemed to be cheap and simple. With the growth of IoT (Internet of Things), security in low cost microcontrollers moved toward the spotlight and the security requirements of these IoT devices are now just as critical as high-end systems due to:

Download Full-text