IoT and Man-in-the-Middle Attacks

This paper provides an overview of the Internet of Things (IoT) and its significance. It discusses the concept of Man-in-the-Middle (MitM) attacks in detail, including their causes, potential solutions, and challenges in detecting and preventing such attacks. The paper also addresses the current issues related to IoT security and explores future methods and facilities for improving detection and prevention mechanisms against MitM

Machine Learning based Attacks Detection and Countermeasures in IoT

While the IoT offers important benefits and opportunities for users, the technology raises various security issues and threats. These threats may include spreading IoT botnets through IoT devices which are the common and most malicious security threat in the world of internet. Protecting the IoT devices against these threats and attacks requires efficient detection. While we need to take into consideration IoT devices memory capacity limitation and low power processors. In this paper, we will focus in proposing low power consumption Machine Learning (ML) techniques for detecting IoT botnet attacks using Random forest as ML-based detection method and describing IoT common attacks with its countermeasures. The experimental result of our proposed solution shows higher accuracy. From the results, we conclude that IoT botnet detection is possible; achieving a higher accuracy rate as an experimental result indicates an accuracy rate of over 99.99% where the true positive rate is 1.000 and the false-negative rate is 0.000

A Review of IoT Security and Privacy Using Decentralized Blockchain Techniques

IoT security is one of the prominent issues that has gained significant attention among the researchers in recent times. The recent advancements in IoT introduces various critical security issues and increases the risk of privacy leakage of IoT data. Implementation of Blockchain can be a potential solution for the security issues in IoT. This review deeply investigates the security threats and issues in IoT which deteriorates the effectiveness of IoT systems. This paper presents a perceptible description of the security threats, Blockchain based solutions, security characteristics and challenges introduced during the integration of Blockchain with IoT. An analysis of different consensus protocols, existing security techniques and evaluation parameters are discussed in brief. In addition, the paper also outlines the open issues and highlights possible research opportunities which can be beneficial for future research

Recent Trends in Software-Defined Networking: A Bibliometric Review

Software-Defined Networking is referred to as the next big thing in the field of networking. Legacy networks contain various components such as switches, routers, etc. with a variety of complex protocols. A network administrator is responsible for configuring all these various components. Apart from complex network management, network security is also a persistent issue in the field of networking. SDN promises simplicity in network management while also dramatically improving the security of networks. This paper gives an analysis of the current trends in in SDN as well as Security challenges with SDN. A bibliometric review on SDN has also been outlined in this paper. We have also mentioned some of the challenges posed by the SDN architecture and also some of the solutions to combat the

MARINE: Man-in-the-middle attack resistant trust model IN connEcted vehicles

Vehicular Ad-hoc NETwork (VANET), a novel technology holds a paramount importance within the transportation domain due to its abilities to increase traffic efficiency and safety. Connected vehicles propagate sensitive information which must be shared with the neighbors in a secure environment. However, VANET may also include dishonest nodes such as Man-in-the-Middle (MiTM) attackers aiming to distribute and share malicious content with the vehicles, thus polluting the network with compromised information. In this regard, establishing trust among connected vehicles can increase security as every participating vehicle will generate and propagate authentic, accurate and trusted content within the network. In this paper, we propose a novel trust model, namely, Man-in-the-middle Attack Resistance trust model IN connEcted vehicles (MARINE), which identifies dishonest nodes performing MiTM attacks in an efficient way as well as revokes their credentials. Every node running MARINE system first establishes trust for the sender by performing multi-dimensional plausibility checks. Once the receiver verifies the trustworthiness of the sender, the received data is then evaluated both directly and indirectly. Extensive simulations are carried out to evaluate the performance and accuracy of MARINE rigorously across three MiTM attacker models and the bench-marked trust model. Simulation results show that for a network containing 35% MiTM attackers, MARINE outperforms the state of the art trust model by 15%, 18%, and 17% improvements in precision, recall and F-score, respectively.N/A

A critical review of cyber-physical security for building automation systems

Modern Building Automation Systems (BASs), as the brain that enables the smartness of a smart building, often require increased connectivity both among system components as well as with outside entities, such as optimized automation via outsourced cloud analytics and increased building-grid integrations. However, increased connectivity and accessibility come with increased cyber security threats. BASs were historically developed as closed environments with limited cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection & defense approaches, and cyber-secure resilient control strategies is currently lacking in the literature. This review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for BASs at three levels in commercial buildings: management level, automation level, and field level. The general BASs vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols are reviewed, followed by a discussion on four attack targets and seven potential attack scenarios. The impact of cyber-attacks on BASs is summarized as signal corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense approaches are identified at the three levels. Cyber-secure resilient control strategies for BASs under attack are categorized into passive and active resilient control schemes. Open challenges and future opportunities are finally discussed.Comment: 38 pages, 7 figures, 6 tables, submitted to Annual Reviews in Contro

A supervised intrusion detection system for smart home IoT devices

The proliferation in Internet of Things (IoT) devices, which routinely collect sensitive information, is demonstrated by their prominence in our daily lives. Although such devices simplify and automate every day tasks, they also introduce tremendous security flaws. Current insufficient security measures employed to defend smart devices make IoT the `weakest' link to breaking into a secure infrastructure, and therefore an attractive target to attackers. This paper proposes a three layer Intrusion Detection System (IDS) that uses a supervised approach to detect a range of popular network based cyber-attacks on IoT networks. The system consists of three main functions: 1) classify the type and profile the normal behaviour of each IoT device connected to the network, 2) identifies malicious packets on the network when an attack is occurring, and 3) classifies the type of the attack that has been deployed. The system is evaluated within a smart home testbed consisting of 8 popular commercially available devices. The effectiveness of the proposed IDS architecture is evaluated by deploying 12 attacks from 4 main network based attack categories such as: Denial of Service (DoS), Man-In-The-Middle (MITM)/Spoofing, Reconnaissance, and Replay. Additionally, the system is also evaluated against 4 scenarios of multi-stage attacks with complex chains of events. The performance of the system's three core functions result in an F-measure of: 1) 96.2%, 2) 90.0%, and 3) 98.0%. This demonstrates that the proposed architecture can automatically distinguish between IoT devices on the network, whether network activity is malicious or benign, and detect which attack was deployed on which device connected to the network successfully

Secure data sharing and analysis in cloud-based energy management systems

Analysing data acquired from one or more buildings (through specialist sensors, energy generation capability such as PV panels or smart meters) via a cloud-based Local Energy Management System (LEMS) is increasingly gaining in popularity. In a LEMS, various smart devices within a building are monitored and/or controlled to either investigate energy usage trends within a building, or to investigate mechanisms to reduce total energy demand. However, whenever we are connecting externally monitored/controlled smart devices there are security and privacy concerns. We describe the architecture and components of a LEMS and provide a survey of security and privacy concerns associated with data acquisition and control within a LEMS. Our scenarios specifically focus on the integration of Electric Vehicles (EV) and Energy Storage Units (ESU) at the building premises, to identify how EVs/ESUs can be used to store energy and reduce the electricity costs of the building. We review security strategies and identify potential security attacks that could be carried out on such a system, while exploring vulnerable points in the system. Additionally, we will systematically categorize each vulnerability and look at potential attacks exploiting that vulnerability for LEMS. Finally, we will evaluate current counter measures used against these attacks and suggest possible mitigation strategies

A survey on wireless body area networks: architecture, security challenges and research opportunities.

In the era of communication technologies, wireless healthcare networks enable innovative applications to enhance the quality of patients’ lives, provide useful monitoring tools for caregivers, and allows timely intervention. However, due to the sensitive information within the Wireless Body Area Networks (WBANs), insecure data violates the patients’ privacy and may consequently lead to improper medical diagnosis and/or treatment. Achieving a high level of security and privacy in WBAN involves various challenges due to its resource limitations and critical applications. In this paper, a comprehensive survey of the WBAN technology is provided, with a particular focus on the security and privacy concerns along with their countermeasures, followed by proposed research directions and open issues