5 research outputs found
Optimized Monitoring and Detection of Internet of Things resources-constraints Cyber Attacks
This research takes place in the context of the optimized monitoring and detec-
tion of Internet of Things (IoT) resource-constraints attacks. Meanwhile, the In-
ternet of Everything (IoE) concept is presented as a wider extension of IoT. How-
ever, the IoE realization meets critical challenges, including the limited network
coverage and the limited resources of existing network technologies and smart
devices. The IoT represents a network of embedded devices that are uniquely
identifiable and have embedded software required to communicate between the
transient states. The IoT enables a connection between billions of sensors, actu-
ators, and even human beings to the Internet, creating a wide range of services,
some of which are mission-critical. However, IoT networks are faulty; things
are resource-constrained in terms of energy and computational capabilities. For
IoT systems performing a critical mission, it is crucial to ensure connectivity,
availability, and device reliability, which requires proactive device state moni-
toring.
This dissertation presents an approach to optimize the monitoring and detection
of resource-constraints attacks in IoT and IoE smart devices. First, it has been
shown that smart devices suffer from resource-constraints problems; therefore,
using lightweight algorithms to detect and mitigate the resource-constraints at-
tack is essential. Practical analysis and monitoring of smart device resourcesā
are included and discussed to understand the behaviour of the devices before
and after attacking real smart devices. These analyses are straightforwardly
extended for building lightweight detection and mitigation techniques against
energy and memory attacks. Detection of energy consumption attacks based
on monitoring the package reception rate of smart devices is proposed to de-
tect energy attacks in smart devices effectively. The proposed lightweight algo-
rithm efficiently detects energy attacks for different protocols, e.g., TCP, UDP,
and MQTT. Moreover, analyzing memory usage attacks is also considered in
this thesis. Therefore, another lightweight algorithm is also built to detect the
memory-usage attack once it appears and stops. This algorithm considers mon-
itoring the memory usage of the smart devices when the smart devices are
Idle, Active, and Under attack. Based on the presented methods and monitoring
analysis, the problem of resource-constraint attacks in IoT systems is systemat-
ically eliminated by parameterizing the lightweight algorithms to adapt to the
resource-constraint problems of the smart devices
User-side wi-fi hotspot spoofing detection on android-based devices
A Dissertation Submitted in Partial Fulfilment of the Requirements for the Degree of Masterās in Wireless and Mobile Computing of the Nelson Mandela African Institution of Science and TechnologyNetwork spoofing is becoming a common attack in wireless networks. Similarly, there is a
rapid growth of numbers in mobile devices in the working environments. The trends pose a
huge threat to users since they become the prime target of attackers. More unfortunately,
mobile devices have weak security measures due to their limited computational powers,
making them an easy target for attackers. Current approaches to detect spoofing attacks focus
on personal computers and rely on the network hostsā capacity, leaving users with mobile
devices at risk. Furthermore, some approaches on Android-based devices demand root
privilege, which is highly discouraged. This research aims to study users' susceptibility to
network spoofing attacks and propose a detection solution in Android-based devices. The
presented approach considers the difference in security information and signal levels of an
access point to determine its legitimacy. On the other hand, it tests the legitimacy of the captive
portal with fake login credentials since, usually, fake captive portals do not authenticate users.
The detection approaches are presented in three networks: (a) open networks, (b) closed
networks and (c) networks with captive portals. As a departure from existing works, this
solution does not require root access for detection, and it is developed for portability and better
performance. Experimental results show that this approach can detect fake access points with
an accuracy of 98% and 99% at an average of 24.64 and 7.78 milliseconds in open and closed
networks, respectively. On the other hand, it can detect the existence of a fake captive portal at
an accuracy of 88%. Despite achieving this performance, the presented detection approach does
not cover APs that do not mimic legitimate APs. As an improvement, future work may focus
on pcap files which is rich of information to be used in detection