Agent-whistleblower Technology for Secure Internet of Things
DOI:
https://doi.org/10.54654/isj.v7i1.52Keywords:
security agent, lightweight intrusion detection, anomaly detection, distributed network attack, DDoS attack, Internet of Things, smart thingsTóm tắt
Abstract— The paper investigates the causes of widespread use by cybercriminals of the Internet of Things for organizing network attacks and other illegal use. An analysis of existing approaches and technologies for protecting networked computer devices is presented, as well as the main factors that prevent their use in the world of Internet of Things. An approach is suggested that ensures the integration of protective mechanisms directly into the composition of Things. Various variants of technology implementation are considered. Key aspects and potential ways of implementing the proposed approach are noted.
Tóm tắt— Bài báo nghiên cứu về các phương thức được tội phạm mạng sử dụng rộng rãi trong Internet vạn vật (IoT), để tổ chức các tấn công mạng và các hành vi bất hợp pháp khác. Bài báo phân tích các phương pháp và công nghệ hiện có để bảo vệ các thiết bị kết nối mạng, cũng như các yếu tố chính để ngăn chặn việc sử dụng chúng trong IoT. Cách tiếp cận được đề xuất là đảm bảo việc tích hợp các cơ chế bảo vệ trực tiếp vào cấu trúc của IoT. Bài báo cũng xem xét các biến thể khác của việc thực hiện công nghệ này. Từ đó, đưa ra lưu ý về các khía cạnh chính và cách thức cài đặt tiềm năng để thực hiện phương pháp được đề xuất.
Downloads
References
[1]. “The Rise of the IoT Botnet: Beyond the Mirai Bot” (April 12, 2017). [Online]. Available: http://resources.infosecinstitute.com/rise-iot-botnet-beyond-mirai-bot. [Accessed: 15-Jun- 2017]
[2]. Ms. Smith, “Peeping into 73,000 unsecured security cameras thanks to default passwords”, (November 6, 2014). [Online]. Available: http://www.networkworld.com/article/2844283/microsoft-subnet/ peeping-into-73-000-unsecured-security-cameras-thanks-to-default-passwords.html. [Accessed: 15-Jun- 2017]
[3]. Pierluigi Paganini “Sucuri spotted a large botnet of CCTV devices involved in DDoS attacks” (June 28, 2016). [Online]. Available: http://securityaffairs.co/wordpress/48807/cyber-crime/cctv-devices-ddos.html. [Accessed: 15-Jun- 2017]
[4]. Brian Krebs “KrebsOnSecurity Hit With Record DDoS” (September 16, 2016). [Online]. Available: https://krebsonsecurity.com/2016/09/ krebsonsecurity-hit-with-record-ddos. [Accessed: 15-Jun- 2017]
[5]. Bruce Schneier, “Security and the Internet of Things”, (February 1, 2016). [Online]. Available: https://www.schneier.com/blog/archives/ 2017/02/security_and_th.html. [Accessed: 15-Jun- 2017]
[6]. Joel Lee “Hack Attack: How To Keep Your Webcam Secure From Online Peeping Toms”, (September 17, 2013). [Online]. Available: http://www.makeuseof.com/tag/hack-attack-how-to-keep-your-webcam-secure-from-online-peeping-toms. [Accessed: 15-Jun- 2017]
[7]. Rotem Kerner “Remote Code Execution in CCTV-DVR affecting over 70 different vendors” (March 22, 2016). [Online]. Available: http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html [Accessed: 16-Jun- 2017]
[8]. Richard Chirgwin “Dishwasher has directory traversal bug” (March 26, 2017). [Online]. Available: https://www.theregister.co.uk/2017/ 03/26/miele_joins_internetofst_hall_of_shame. [Accessed: 16-Jun- 2017]
[9]. Kishore Angrishi “Turning Internet of Things(IoT) into Internet of Vulnerabilities (IoV) : IoT Botnets” (February 17, 2017). [Online]. Available: https://arxiv.org/pdf/1702.03681.pdf. [Accessed: 16-Jun- 2017]
[10]. Karen Scarfone, Peter Mell “Guide to Intrusion Detection and Prevention Systems (IDPS)” Special Publication (NIST SP) - 800-94, February 20, 2007.
[11]. Chandola, V., Banerjee, A., and Kumar, V. “Anomaly detection: A survey” ACM Comput. Surv. 41, 3, Article 15, July 2009.
[12]. Hodge, V.J., Austin, J. “A survey of outlier detection methodologies”. Artificial Intelligence Review, 22(2), pp. 85–126 (2004).
Downloads
Published
How to Cite
Issue
Section
License
Proposed Policy for Journals That Offer Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
Proposed Policy for Journals That Offer Delayed Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication, with the work [SPECIFY PERIOD OF TIME] after publication simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
