Preventing DoS Attacks in IoT Using AES

The Internet of Things (IoT) is significant in today’s development of mobile networks enabling to obtain information from the environment, devices, and appliances. A number of applications have been implemented in various kinds of technologies. IoT has high exposure to security attacks and threats. There are several requirements in terms of security. Confidentiality is one of the major concerns in the wireless network. Integrity and availability are key issues along with the confidentiality. This research focuses on identifying the attacks that can occur in IoT. Packet filtering and patches method were used to secure the network and mitigate mentioned attacks but these techniques are not capable of achieving security in IoT. This paper uses Advanced Encryption Standard (AES) to address these mentioned security issues. Official AES version uses the standard for secret key encryption. However, several problems and attacks still occur with the implementation of this original AES. We modified AES by adding white box and the doubling of the AES encryption. We also replaced the Substitute-Byte (S-Box) in the conventional AES with the white box. The significance of a white box is where the whole AES cipher decomposed into round functions. While doubling the process of AES gives difficulty to the attacker or malware to interrupt the network or system. From the algorithms, our proposed solutions can control DoS attack on IoT and any other miniature devices

Pengamanan Internet of Things Berbasis NodeMCU Menggunakan Algoritma AES Pada Arsitektur Web Service REST

Data confidentiality and resource's limitation issues are challenges for the Internet of Things. To implement good security on IoT systems, cryptography can do it, but it needs an effective encryption algorithm that does not require a lot of resources. The purpose of this study is to secure an IoT system by implementing an algorithm that is successful in maintaining the confidentiality of data transmitted. This research uses an experimental approach, by creating an IoT system for agriculture and adding an encryption algorithm. The IoT system uses NodeMCU as a microcontroller. NodeMCU is a microcontroller with small resources so it needs an efficient algorithm to be implemented in it. One algorithm that has good performance in a desktop computing environment is the Advance Encryption Standard (AES) algorithm. The algorithm is tested in an IoT computing environment with a data exchange architecture using an REST (Representational State Transfer) web service, resulting in an IoT system for agriculture with cryptographic implementations in it. In the tests carried out, the encryption process of 128 and 256 bits of plain text took 266.31 and 274.31 microseconds, while the memory used was 16% and 17% of the total memory, respectively. This shows the encryption time is fast, and the memory usage is relatively small.Data confidentiality and resources limitation issues are challenges for Internet of Things. To implement good security on IoT systems, cryptography can be implemented, but it needs effective encryption algorithm that does not require a lot of resources. The purpose of this study is to implement an algorithm that is effective in maintaining the confidentiality of data transmitted on an IoT system with limited resources. This research uses experimental research methods, by creating an IoT system for agriculture and adding an encryption algorithm. The IoT system uses NodeMCU as a microcontroller. NodeMCU is a microcontroller with small resources so it needs an efficient algorithm to be implemented in it. One algorithm that has good performance in a desktop computing environment is the Advance Encryption Standard (AES) algorithm. The algorithm implemented in the IoT system using a REST (Representational State Transfer) web service. The result of this research is an secured IoT system for agriculture. In the tests carried out, the encryption process of 128 and 256 bit plain text took 266.31 and 274.31 microseconds, while the memory used was 16% and 17% of the total memory. This shows the encryption time is relatively fast and the memory usage is relatively small

Internet-of-Things (IoT) Security Threats: Attacks on Communication Interface

Internet of Things (IoT) devices collect and process information from remote places and have significantly increased the productivity of distributed systems or individuals. Due to the limited budget on power consumption, IoT devices typically do not include security features such as advanced data encryption and device authentication. In general, the hardware components deployed in IoT devices are not from high end markets. As a result, the integrity and security assurance of most IoT devices are questionable. For example, adversary can implement a Hardware Trojan (HT) in the fabrication process for the IoT hardware devices to cause information leak or malfunctions. In this work, we investigate the security threats on IoT with a special emphasis on the attacks that aim for compromising the communication interface between IoT devices and their main processing host. First, we analyze the security threats on low-energy smart light bulbs, and then we exploit the limitation of Bluetooth protocols to monitor the unencrypted data packet from the air-gapped network. Second, we examine the security vulnerabilities of single-wire serial communication protocol used in data exchange between a sensor and a microcontroller. Third, we implement a Man-in-the-Middle (MITM) attack on a master-slave communication protocol adopted in Inter-integrated Circuit (I2C) interface. Our MITM attack is executed by an analog hardware Trojan, which crosses the boundary between digital and analog worlds. Furthermore, an obfuscated Trojan detection method(ADobf) is proposed to monitor the abnormal behaviors induced by analog Trojans on the I2C interface

An analysis and a comparative study of cryptographic algorithms used on the internet of things (IoT) based on avalanche effect

Ubiquitous computing is already weaving itself around us and it is connecting everything to the network of networks. This interconnection of objects to the internet is new computing paradigm called the Internet of Things (IoT) networks. Many capacity and non-capacity constrained devices, such as sensors are connecting to the Internet. These devices interact with each other through the network and provide a new experience to its users. In order to make full use of this ubiquitous paradigm, security on IoT is important. There are problems with privacy concerns regarding certain algorithms that are on IoT, particularly in the area that relates to their avalanche effect means that a small change in the plaintext or key should create a significant change in the ciphertext. The higher the significant change, the higher the security if that algorithm. If the avalanche effect of an algorithm is less than 50% then that algorithm is weak and can create security undesirability in any network. In this, case IoT. In this study, we propose to do the following: (1) Search and select existing block cryptographic algorithms (maximum of ten) used for authentication and encryption from different devices used on IoT. (2) Analyse the avalanche effect of select cryptographic algorithms and determine if they give efficient authentication on IoT. (3) Improve their avalanche effect by designing a mathematical model that improves their robustness against attacks. This is done through the usage of the initial vector XORed with plaintext and final vector XORed with cipher tect. (4) Test the new mathematical model for any enhancement on the avalanche effect of each algorithm as stated in the preceding sentences. (5) Propose future work on how to enhance security on IoT. Results show that when using the proposed method with variation of key, the avalanche effect significantly improved for seven out of ten algorithms. This means that we have managed to improve 70% of algorithms tested. Therefore indicating a substantial success rate for the proposed method as far as the avalanche effect is concerned. We propose that the seven algorithms be replaced by our improved versions in each of their implementation on IoT whenever the plaintext is varied.Electrical and Mining EngineeringM. Tech. (Electrical Engineering

Виявлення DoS/DDoS атак в IoT за допомогою машинного навчання

обота обсягом 109 сторінки включає 13 ілюстрацій, 33 таблиці, 35 джерела літератури та 1 додаток. Об’єктом дослідження є DDoS/DoS атаки в мережі пристроїв ІоТ. Предметом дослідження є виявлення DoS/DDoS атак в мережі пристроїв Інтернету речей. Методи дослідження – поєднання існуючих методів і технологій виявлення аномалій в мережевому трафіку та методів оцінювання алгоритмів. Метою роботи є вирішення проблеми підвищення ефективності виявлення DoS/DDoS атак в мережах ІоТ. Результати роботи можуть використовуватися для побудови системи виявлення вторгнень в мережі пристроїв ІоТ.The work includes 109 pages, 13 illustrations, 33 tables, 35 bibliography references and appendices. The object of the study is DDoS / DoS attacks in the network of IoT devices. The subject of the study is the detection of DoS / DDoS attacks in the network of Internet of Things devices. Research methods - a combination of existing methods and technologies for detecting anomalies in network traffic and methods for estimating algorithms. The purpose of this work is a practical solution to the problem of improving the detection of DoS / DDoS attacks in IoT networks through the use of machine learning algorithms. The results can be used to build a system for detecting intrusions in the network of IoT devices

Interceptive side channel attack on AES-128 wireless communications for IoT applications

We propose wireless interceptive Side-Channel Attack (SCA) technique to reveal the 16-byte secret key of the AES-128 encryption algorithm in wireless communications, through Correlation Electromagnetic Analysis (CEMA) for Internet of Things (IoT) applications. The encrypted wireless communication link is established using two ATmega-processor based Arduino boards. There are two key features in our proposed interceptive SCA technique. First, we identify the sensitive modules, which emit significant EM signal (physical leakage information) of the ATmega processor during the encryption process. The significant EM signals are highly correlated with processed data to reveal the secret key. Second, we investigate the resistance of AES-128 encryption algorithm implementation on ATmega processor against CEMA based SCA. The wireless signal is intercepted and correlated with EM signals generated during the encryption process. Based on our experimental results, the correlated EM signals leak out at the three modules - FLASH memory, data bus and SRAM modules during the encryption process are 101.56 dBμV, 105.34 dBμV and 121.79 dBμV respectively. In addition, we perform the CEMA attacks on the AES-128 implementation on the ATmega processor and the secret key is successfully revealed at 20,000 EM traces.ASTAR (Agency for Sci., Tech. and Research, S’pore)Accepted versio

9th International Conference on Business, Technology and Innovation 2020

Welcome to IC – UBT 2020 UBT Annual International Conference is the 9th international interdisciplinary peer reviewed conference which publishes works of the scientists as well as practitioners in the area where UBT is active in Education, Research and Development. The UBT aims to implement an integrated strategy to establish itself as an internationally competitive, research-intensive university, committed to the transfer of knowledge and the provision of a world-class education to the most talented students from all background. The main perspective of the conference is to connect the scientists and practitioners from different disciplines in the same place and make them be aware of the recent advancements in different research fields, and provide them with a unique forum to share their experiences. It is also the place to support the new academic staff for doing research and publish their work in international standard level. This conference consists of sub conferences in different fields like: Security Studies Sport, Health and Society Psychology Political Science Pharmaceutical and Natural Sciences Mechatronics, System Engineering and Robotics Medicine and Nursing Modern Music, Digital Production and Management Management, Business and Economics Language and Culture Law Journalism, Media and Communication Information Systems and Security Integrated Design Energy Efficiency Engineering Education and Development Dental Sciences Computer Science and Communication Engineering Civil Engineering, Infrastructure and Environment Architecture and Spatial Planning Agriculture, Food Science and Technology Art and Digital Media This conference is the major scientific event of the UBT. It is organizing annually and always in cooperation with the partner universities from the region and Europe. We have to thank all Authors, partners, sponsors and also the conference organizing team making this event a real international scientific event. Edmond Hajrizi, President of UBTUBT – Higher Education Institutio

NOTIFICATION !!!

All the content of this special edition is retrieved from the conference proceedings published by the European Scientific Institute, ESI. http://eujournal.org/index.php/esj/pages/view/books The European Scientific Journal, ESJ, after approval from the publisher re publishes the papers in a Special edition

NOTIFICATION !!!

All the content of this special edition is retrieved from the conference proceedings published by the European Scientific Institute, ESI. http://eujournal.org/index.php/esj/pages/view/books The European Scientific Journal, ESJ, after approval from the publisher re publishes the papers in a Special edition

NOTIFICATION !!!

All the content of this special edition is retrieved from the conference proceedings published by the European Scientific Institute, ESI. http://eujournal.org/index.php/esj/pages/view/books The European Scientific Journal, ESJ, after approval from the publisher re publishes the papers in a Special edition