A Secured Framework to Identify and Mitigate Attack

doi:10.35940/ijies.h0963.035820

A Secured Framework to Identify and Mitigate Attack

International Journal of Inventive Engineering and Sciences - Regular Issue ◽

10.35940/ijies.h0963.035820 ◽

2020 ◽

Vol 5 (8) ◽

pp. 4-7

Keyword(s):

Denial Of Service ◽

Edge Computing ◽

The Internet ◽

Valuable Data ◽

Block Chain ◽

Iot Devices ◽

Screen Play

Nowadays security is major concern for any user connected to the internet. Various types of attacks are to be performed by intruders to obtaining user information as man- inmiddle attack, denial of service, malware attacks etc. Malware attacks specifically ransomware attack become very famous recently. Ransomware attack threaten the users by encrypting their most valuable data, lock the user screen, play some random videos and by various more means. Finally attacker takes benefits by users through paid ransom. In this paper, we propose a framework which prevents the ransomware attack more appropriately using various techniques as block chain, honeypot, cloud & edge computing. This framework is analyzed mainly through the IoT devices and generalized to the any malware attack.

Download Full-text

HomeTec Software for Security Aspects of Smart Home Devices Based on IoT

10.54216/jcim.050101 ◽

2021 ◽

pp. 5-16

Author(s):

Parth Rustagi ◽

◽

...

Keyword(s):

Smart Home ◽

Denial Of Service ◽

Security Protocols ◽

The Internet ◽

Security Threats ◽

Deep Dive ◽

Cost Cutting ◽

Full Control ◽

Iot Devices ◽

Service Data

As useful as it gets to connect devices to the internet to make life easier and more comfortable, it also opens the gates to various cyber threats. The connection of Smart Home devices to the internet makes them vulnerable to malicious hackers that infiltrate the system. Hackers can penetrate these systems and have full control over devices. This can lead to denial of service, data leakage, invasion of privacy, etc. Thus security is a major aspect of Smart home devices. However, many companies manufacturing these Smart Home devices have little to no security protocols in their devices. In the process of making the IoT devices cheaper, various cost-cutting is done on the security protocols in IoT devices. In some way, many manufactures of the devices don’t even consider this as a factor to build upon. This leaves the devices vulnerable to attacks. Various authorities have worked upon to standardize the security aspects for the IoT and listed out guidelines for manufactures to follow, but many fail to abide by them. This paper introduces and talks about the various threats, various Security threats to Smart Home devices. It takes a deep dive into the solutions for the discussed threats. It also discusses their prevention. Lastly, it discusses various preventive measures and good practices to be incorporated to protect devices from any future attacks.

Download Full-text

SlowITe, a Novel Denial of Service Attack Affecting MQTT

Sensors ◽

10.3390/s20102932 ◽

2020 ◽

Vol 20 (10) ◽

pp. 2932

Author(s):

Ivan Vaccari ◽

Maurizio Aiello ◽

Enrico Cambiaso

Keyword(s):

Internet Of Things ◽

Denial Of Service ◽

The Internet ◽

Message Queue ◽

Plain Text ◽

Denial Of Service Attack ◽

Service Attack ◽

Iot Devices ◽

The Internet Of Things ◽

Low Rate

Security of the Internet of Things is a crucial topic, due to the criticality of the networks and the sensitivity of exchanged data. In this paper, we target the Message Queue Telemetry Transport (MQTT) protocol used in IoT environments for communication between IoT devices. We exploit a specific weakness of MQTT which was identified during our research, allowing the client to configure the behavior of the server. In order to validate the possibility to exploit such vulnerability, we propose SlowITe, a novel low-rate denial of service attack aimed to target MQTT through low-rate techniques. We validate SlowITe against real MQTT services, considering both plain text and encrypted communications and comparing the effects of the threat when targeting different daemons. Results show that the attack is successful and it is able to exploit the identified vulnerability to lead a DoS on the victim with limited attack resources.

Download Full-text

Edge Computing: A Survey On the Hardware Requirements in the Internet of Things World

Future Internet ◽

10.3390/fi11040100 ◽

2019 ◽

Vol 11 (4) ◽

pp. 100 ◽

Cited By ~ 20

Author(s):

Maurizio Capra ◽

Riccardo Peloso ◽

Guido Masera ◽

Massimo Ruo Roch ◽

Maurizio Martina

Keyword(s):

Internet Of Things ◽

Mobile Devices ◽

Information Exchange ◽

Large Scale ◽

Operating Time ◽

Edge Computing ◽

The Internet ◽

Power Load ◽

Battery Capacity ◽

Iot Devices

In today’s world, ruled by a great amount of data and mobile devices, cloud-based systems are spreading all over. Such phenomenon increases the number of connected devices, broadcast bandwidth, and information exchange. These fine-grained interconnected systems, which enable the Internet connectivity for an extremely large number of facilities (far beyond the current number of devices) go by the name of Internet of Things (IoT). In this scenario, mobile devices have an operating time which is proportional to the battery capacity, the number of operations performed per cycle and the amount of exchanged data. Since the transmission of data to a central cloud represents a very energy-hungry operation, new computational paradigms have been implemented. The computation is not completely performed in the cloud, distributing the power load among the nodes of the system, and data are compressed to reduce the transmitted power requirements. In the edge-computing paradigm, part of the computational power is moved toward data collection sources, and, only after a first elaboration, collected data are sent to the central cloud server. Indeed, the “edge” term refers to the extremities of systems represented by IoT devices. This survey paper presents the hardware architectures of typical IoT devices and sums up many of the low power techniques which make them appealing for a large scale of applications. An overview of the newest research topics is discussed, besides a final example of a complete functioning system, embedding all the introduced features.

Download Full-text

Satellite Edge Computing for the Internet of Things in Aerospace

Sensors ◽

10.3390/s19204375 ◽

2019 ◽

Vol 19 (20) ◽

pp. 4375 ◽

Cited By ~ 6

Author(s):

Yuxuan Wang ◽

Jun Yang ◽

Xiye Guo ◽

Zhi Qu

Keyword(s):

Internet Of Things ◽

Computing System ◽

Edge Computing ◽

The Internet ◽

New Paradigm ◽

Long Distance ◽

Modeling Analysis ◽

Iot Devices ◽

Terrestrial Network ◽

The Internet Of Things

As one of the information industry’s future development directions, the Internet of Things (IoT) has been widely used. In order to reduce the pressure on the network caused by the long distance between the processing platform and the terminal, edge computing provides a new paradigm for IoT applications. In many scenarios, the IoT devices are distributed in remote areas or extreme terrain and cannot be accessed directly through the terrestrial network, and data transmission can only be achieved via satellite. However, traditional satellites are highly customized, and on-board resources are designed for specific applications rather than universal computing. Therefore, we propose to transform the traditional satellite into a space edge computing node. It can dynamically load software in orbit, flexibly share on-board resources, and provide services coordinated with the cloud. The corresponding hardware structure and software architecture of the satellite is presented. Through the modeling analysis and simulation experiments of the application scenarios, the results show that the space edge computing system takes less time and consumes less energy than the traditional satellite constellation. The quality of service is mainly related to the number of satellites, satellite performance, and task offloading strategy.

Download Full-text

Preserving Data Privacy in the Internet of Medical Things Using Dual Signature ECDSA

Security and Communication Networks ◽

10.1155/2020/4960964 ◽

2020 ◽

Vol 2020 ◽

pp. 1-9 ◽

Cited By ~ 1

Author(s):

Maria-Dolores Cano ◽

Antonio Cañavate-Sanchez

Keyword(s):

Elliptic Curve ◽

Private Information ◽

Data Privacy ◽

Edge Computing ◽

Security And Privacy ◽

The Internet ◽

Consumer Privacy ◽

Digital Signature Algorithm ◽

Internet Of Medical Things ◽

Iot Devices

The disclosure of personal and private information is one of the main challenges of the Internet of Medical Things (IoMT). Most IoMT-based services, applications, and platforms follow a common architecture where wearables or other medical devices capture data that are forwarded to the cloud. In this scenario, edge computing brings new opportunities to enhance the operation of IoMT. However, despite the benefits, the inherent characteristics of edge computing require countermeasures to address the security and privacy issues that IoMT gives rise to. The restrictions of IoT devices in terms of battery, memory, hardware resources, or computing capabilities have led to a common agreement for the use of elliptic curve cryptography (ECC) with hardware or software implementations. As an example, the elliptic curve digital signature algorithm (ECDSA) is widely used by IoT devices to compute digital signatures. On the other hand, it is well known that dual signature has been an effective method to provide consumer privacy in classic e-commerce services. This article joins both approaches. It presents a novel solution to enhanced security and the preservation of data privacy in communications between IoMT devices and the cloud via edge computing devices. While data source anonymity is achieved from the cloud perspective, integrity and origin authentication of the collected data is also provided. In addition, computational requirements and complexity are kept to a minimum.

Download Full-text

Intrusion Detection in IoT Networks Using Deep Learning Algorithm

Information ◽

10.3390/info11050279 ◽

2020 ◽

Vol 11 (5) ◽

pp. 279 ◽

Cited By ~ 1

Author(s):

Bambang Susilo ◽

Riri Fitri Sari

Keyword(s):

Machine Learning ◽

Deep Learning ◽

Learning Strategies ◽

Learning Algorithm ◽

Human Life ◽

Denial Of Service ◽

The Internet ◽

Dos Attacks ◽

Deep Learning Algorithm ◽

Iot Devices

The internet has become an inseparable part of human life, and the number of devices connected to the internet is increasing sharply. In particular, Internet of Things (IoT) devices have become a part of everyday human life. However, some challenges are increasing, and their solutions are not well defined. More and more challenges related to technology security concerning the IoT are arising. Many methods have been developed to secure IoT networks, but many more can still be developed. One proposed way to improve IoT security is to use machine learning. This research discusses several machine-learning and deep-learning strategies, as well as standard datasets for improving the security performance of the IoT. We developed an algorithm for detecting denial-of-service (DoS) attacks using a deep-learning algorithm. This research used the Python programming language with packages such as scikit-learn, Tensorflow, and Seaborn. We found that a deep-learning model could increase accuracy so that the mitigation of attacks that occur on an IoT network is as effective as possible.

Download Full-text

Cyber-Physical System and Internet of Things Security

Research Anthology on Combating Denial-of-Service Attacks ◽

10.4018/978-1-7998-5348-0.ch018 ◽

2021 ◽

pp. 328-357

Author(s):

Thomas Ulz ◽

Sarah Haas ◽

Christian Steger

Keyword(s):

Internet Of Things ◽

Public Awareness ◽

Denial Of Service ◽

The Internet ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Industrial Iot ◽

Confidential Data ◽

Iot Devices ◽

The Internet Of Things

An increase of distributed denial-of-service (DDoS) attacks launched by botnets such as Mirai has raised public awareness regarding potential security weaknesses in the Internet of Things (IoT). Devices are an attractive target for attackers because of their large number and due to most devices being online 24/7. In addition, many traditional security mechanisms are not applicable for resource constraint IoT devices. The importance of security for cyber-physical systems (CPS) is even higher, as most systems process confidential data or control a physical process that could be harmed by attackers. While industrial IoT is a hot topic in research, not much focus is put on ensuring information security. Therefore, this paper intends to give an overview of current research regarding the security of data in industrial CPS. In contrast to other surveys, this work will provide an overview of the big CPS security picture and not focus on special aspects.

Download Full-text

A Malware Distribution Simulator for the Verification of Network Threat Prevention Tools

Sensors ◽

10.3390/s21216983 ◽

2021 ◽

Vol 21 (21) ◽

pp. 6983

Author(s):

Song-Yi Hwang ◽

Jeong-Nyeo Kim

Keyword(s):

Denial Of Service ◽

Malicious Code ◽

The Internet ◽

Simulation Tool ◽

Distributed Denial Of Service ◽

Network Access ◽

Ip Address ◽

Network Equipment ◽

Low Performance ◽

Iot Devices

With the expansion of the Internet of Things (IoT), security incidents about exploiting vulnerabilities in IoT devices have become prominent. However, due to the characteristics of IoT devices such as low power and low performance, it is difficult to apply existing security solutions to IoT devices. As a result, IoT devices have easily become targets for cyber attackers, and malware attacks on IoT devices are increasing every year. The most representative is the Mirai malware that caused distributed denial of service (DDoS) attacks by creating a massive IoT botnet. Moreover, Mirai malware has been released on the Internet, resulting in increasing variants and new malicious codes. One of the ways to mitigate distributed denial of service attacks is to render the creation of massive IoT botnets difficult by preventing the spread of malicious code. For IoT infrastructure security, security solutions are being studied to analyze network packets going in and out of IoT infrastructure to detect threats, and to prevent the spread of threats within IoT infrastructure by dynamically controlling network access to maliciously used IoT devices, network equipment, and IoT services. However, there is a great risk to apply unverified security solutions to real-world environments. In this paper, we propose a malware simulation tool that scans vulnerable IoT devices assigned a private IP address, and spreads malicious code within IoT infrastructure by injecting malicious code download command into vulnerable devices. The malware simulation tool proposed in this paper can be used to verify the functionality of network threat detection and prevention solutions.

Download Full-text

Malware Threat in Internet of Things and Its Mitigation Analysis

Research Anthology on Combating Denial-of-Service Attacks ◽

10.4018/978-1-7998-5348-0.ch020 ◽

2021 ◽

pp. 371-387

Author(s):

Shingo Yamaguchi ◽

Brij Gupta

Keyword(s):

Internet Of Things ◽

Large Volume ◽

Denial Of Service ◽

The Internet ◽

Distributed Denial Of Service ◽

Ddos Attack ◽

New Type ◽

Iot Devices ◽

Mitigation Methods ◽

The Internet Of Things

This chapter introduces malware's threat in the internet of things (IoT) and then analyzes the mitigation methods against the threat. In September 2016, Brian Krebs' web site “Krebs on Security” came under a massive distributed denial of service (DDoS) attack. It reached twice the size of the largest attack in history. This attack was caused by a new type of malware called Mirai. Mirai primarily targets IoT devices such as security cameras and wireless routers. IoT devices have some properties which make them malware attack's targets such as large volume, pervasiveness, and high vulnerability. As a result, a DDoS attack launched by infected IoT devices tends to become massive and disruptive. Thus, the threat of Mirai is an extremely important issue. Mirai has been attracting a great deal of attention since its birth. This resulted in a lot of information related to IoT malware. Most of them came from not academia but industry represented by antivirus software makers. This chapter summarizes such information.

Download Full-text

IoT Registration and Authentication in Smart City Applications with Blockchain

Sensors ◽

10.3390/s21041323 ◽

2021 ◽

Vol 21 (4) ◽

pp. 1323

Author(s):

Célio Márcio Soares Ferreira ◽

Charles Tim Batista Garrocho ◽

Ricardo Augusto Rabelo Oliveira ◽

Jorge Sá Silva ◽

Carlos Frederico Marcelo da Cunha Cavalcanti

Keyword(s):

Time Management ◽

Smart Cities ◽

Fog Computing ◽

Denial Of Service ◽

Urban Environments ◽

Edge Computing ◽

Primary Data ◽

Security Challenges ◽

Security Information ◽

Iot Devices

The advent of 5G will bring a massive adoption of IoT devices across our society. IoT Applications (IoT Apps) will be the primary data collection base. This scenario leads to unprecedented scalability and security challenges, with one of the first areas for these applications being Smart Cities (SC). IoT devices in new network paradigms, such as Edge Computing and Fog Computing, will collect data from urban environments, providing real-time management information. One of these challenges is ensuring that the data sent from Edge Computing are reliable. Blockchain has been a technology that has gained the spotlight in recent years, due to its robust security in fintech and cryptocurrencies. Its strong encryption and distributed and decentralized network make it potential for this challenge. Using Blockchain with IoT makes it possible for SC applications to have security information distributed, which makes it possible to shield against Distributed Denial of Service (DDOS). IoT devices in an SC can have a long life, which increases the chance of having security holes caused by outdated firmware. Adding a layer of identification and verification of attributes and signature of messages coming from IoT devices by Smart Contracts can bring confidence in the content. SC Apps that extract data from legacy and outdated appliances, installed in inaccessible, unknown, and often untrusted urban environments can benefit from this work. Our work’s main contribution is the development of API Gateways to be used in IoT devices and network gateway to sign, identify, and authorize messages. For this, keys and essential characteristics of the devices previously registered in Blockchain are used. We will discuss the importance of this implementation while considering the SC and present a testbed that is composed of Blockchain Ethereum and real IoT devices. We analyze the transfer time, memory, and CPU impacts during the sending and processing of these messages. The messages are signed, identified, and validated by our API Gateways and only then collected for an IoT data management application.

Download Full-text