Mobile Firewall System For Distributed Denial Of Service Defense In Internet Of Things Networks

Internet of Things (IoT) has seen unprecedented growth in the consumer space over the past ten years. The majority of IoT device manufacturers do not, however, build their products with cybersecurity in mind. The goal of the mobile firewall system is to move mitigation of network-diffused attacks closer to their source. Attack detection and mitigation is enforced using a machine that physically traverses the area. This machine uses a suite of security tools to protect the network. Our system provides advantages over current network attack mitigation techniques. Mobile firewalls can be deployed when there is no access to the network gateway or when no gateway exists, such as in IoT mesh networks. The focus of this thesis is to refine an explicit implementation for the mobile firewall system and evaluate its effectiveness. Evaluation of the mobile firewall system is analyzed using three simulated distributed denial of service case studies. Mobility is shown to be a great benefit when defending against physically distant attackers – the system takes no more than 131 seconds to fully nullify a worst-case attack

Trust Based Mechanism for Isolation of Malicious Nodes in Internet of Things

The Internet of Things systems are prone to the attacks as they have ad-hoc and limited resource structure. IoT-based systems are utilized for managing a large volume of information and assist in services related to industrial and medical applications. Due to this, the IoT attains becomes a target for a multitude of attackers and adversaries namely occasional hackers, cybercriminals, hacktivists, government, etc. The major goal of potential attackers is to steal the sensitive information such as credit card numbers, location data, credential of financial account and information related to health, by hacking the Internet of Things devices.  The version number attack is one of malicious activity of IoT which affect network performance to great extend. The version number attack is triggered by the malicious nodes which can flood unlimited hello packets in the network. The hello flood attack raised situation of denial of service in the network. The trust based mechanism is proposed in this research work in which trust value is assigned to each node based on their activities. The node which is least trusted will be marked as malicious and get isolated from the network. The proposed scheme is implemented in NS2 and results are analyzed in terms of throughput, packetloss, energy consumption and delay