Silicon firewall prototype

The Internet is a technological advance that provides access to information, and the ability to publish information, in revolutionary ways. There is also a major danger that provides the ability to corrupt and destroy information as well. When a computer is connected to the Internet, three things are put at risk: the data storage, the computing resources and the user’s reputation. In order to balance the advantages and risks, the contact between a computer and the Internet or the contact between different networks should be controlled carefully. A firewall is a form of protection that allows a network to connect to the Internet or to another network while maintaining a degree of security. The firewall is an effective type of network security, and in most situations, it is the most effective tool for doing that. With the availability of larger bandwidth, it is becoming more and more difficult for traditional software firewalls to function over a high-speed connection. In addition, the advances in network hardware technology, such as routers, and new applications of firewalls have caused the software firewall to be an impediment to high throughput. This network bottleneck leads to the requirement for new solutions to balance performance and security. Replacing software with hardware could lead to improved performance, enabling the firewalls to handle significantly larger amounts of data. The goal of this project is to investigate if and how existing desktop computer firewall technology could be improved by replacing software functionality with hardware (i.e., silicon). A hardware-based Silicon Firewall system has been designed by choosing the appropriate architecture and implemented using Altera FPGA (Field Programmable Gate Array) on a SOPC (System On a Programmable Chip) Board. The performance of the Silicon Firewall is tested and compared with the software firewall

Mobile Firewall System For Distributed Denial Of Service Defense In Internet Of Things Networks

Internet of Things (IoT) has seen unprecedented growth in the consumer space over the past ten years. The majority of IoT device manufacturers do not, however, build their products with cybersecurity in mind. The goal of the mobile firewall system is to move mitigation of network-diffused attacks closer to their source. Attack detection and mitigation is enforced using a machine that physically traverses the area. This machine uses a suite of security tools to protect the network. Our system provides advantages over current network attack mitigation techniques. Mobile firewalls can be deployed when there is no access to the network gateway or when no gateway exists, such as in IoT mesh networks. The focus of this thesis is to refine an explicit implementation for the mobile firewall system and evaluate its effectiveness. Evaluation of the mobile firewall system is analyzed using three simulated distributed denial of service case studies. Mobility is shown to be a great benefit when defending against physically distant attackers – the system takes no more than 131 seconds to fully nullify a worst-case attack

Secure management of logs in internet of things

Ever since the advent of computing, managing data has been of extreme importance. With innumerable devices getting added to network infrastructure, there has been a proportionate increase in the data which needs to be stored. With the advent of Internet of Things (IOT) it is anticipated that billions of devices will be a part of the internet in another decade. Since those devices will be communicating with each other on a regular basis with little or no human intervention, plethora of real time data will be generated in quick time which will result in large number of log files. Apart from complexity pertaining to storage, it will be mandatory to maintain confidentiality and integrity of these logs in IOT enabled devices. This paper will provide a brief overview about how logs can be efficiently and securely stored in IOT devices.Comment: 6 pages, 1 tabl

Blocking Java Applets at the Firewall

This paper explores the problem of protecting a site on the Internet against hostile external Java applets while allowing trusted internal applets to run. With careful implementation, a site can be made resistant to current Java security weaknesses as well as those yet to be discovered. In addition, we describe a new attack on certain sophisticated firewalls that is most effectively realized as a Java applet

A Practical Approach to Protect IoT Devices against Attacks and Compile Security Incident Datasets

open access articleThe Internet of Things (IoT) introduced the opportunity of remotely manipulating home appliances (such as heating systems, ovens, blinds, etc.) using computers and mobile devices. This idea fascinated people and originated a boom of IoT devices together with an increasing demand that was difficult to support. Many manufacturers quickly created hundreds of devices implementing functionalities but neglected some critical issues pertaining to device security. This oversight gave rise to the current situation where thousands of devices remain unpatched having many security issues that manufacturers cannot address after the devices have been produced and deployed. This article presents our novel research protecting IOT devices using Berkeley Packet Filters (BPFs) and evaluates our findings with the aid of our Filter.tlk tool, which is able to facilitate the development of BPF expressions that can be executed by GNU/Linux systems with a low impact on network packet throughput