40 research outputs found

    A framework for mitigating zero-day attacks in IoT

    Internet of Things (IoT) aims at providing connectivity between every computing entity. However, this facilitation is also leading to more cyber threats which may exploit the presence of a vulnerability for a period of time. One such vulnerability is the zero-day threat that may lead to zero-day attacks which are detrimental to an enterprise as well as the network security. In this article, a study is presented on the zero-day threats for IoT networks and a context graph-based framework is presented to provide a strategy for mitigating these attacks. The proposed approach uses a distributed diagnosis system for classifying the context at the central service provider as well as at the local user site. Once a potential zero-day attack is identified, a critical data sharing protocol is used to transmit alert messages and reestablish the trust between the network entities and the IoT devices. The results show that the distributed approach is capable of mitigating the zero-day threats efficiently with 33% and 21% improvements in terms of cost of operation and communication overheads, respectively, in comparison with the centralized diagnosis system. Comment: 6 Pages, 6 Figures, Conference on Information Security and Cryptography (CISC-S'17

    Classifying sybil in MSNs using C4.5

    © 2016 IEEE. Sybil detection is an important task in cyber security research. Over the past years, many data mining algorithms have been adopted to fulfill this task. Using classification and regression for sybil detection is a very challenging task. Despite existing research on modeling classification for sybil detection and prediction, this research has proposed a new solution for how sybil activity could be tracked to address this challenging issue. Prediction of sybil behaviour has been demonstrated by analysing graph-based classification and regression techniques using decision trees, and dependencies across different methods have been described. Calculated gain and maxGain helped to trace some sybil users in the datasets.

    An access control management protocol for Internet of things devices

    Internet enabled computing devices are increasingly at risk of misuse by individuals or malware. Initially such misuse was targeted mainly at computers, however there is increasing targeting of tablet and smartphone devices. In this paper we examine an access control management protocol for Internet of things devices in order to attempt to provide some protection against misuse of such devices. Although anti-malware software is commonly used in computers, and is increasingly being used for tablets and smartphones, this may be a less practicable approach for Internet of things devices. The access control management protocol for Internet of things devices examined in this paper involves the use of physical proximity ‘registration’ for remote control of such devices, encryption of communications, verification of geo-location of the mobile device used to control the IoT device, safe operation controls, and exception reporting as a means of providing a tiered security approach for such devices

    Secure data sharing and analysis in cloud-based energy management systems

    Analysing data acquired from one or more buildings (through specialist sensors, energy generation capability such as PV panels or smart meters) via a cloud-based Local Energy Management System (LEMS) is increasingly gaining in popularity. In a LEMS, various smart devices within a building are monitored and/or controlled to either investigate energy usage trends within a building, or to investigate mechanisms to reduce total energy demand. However, whenever we are connecting externally monitored/controlled smart devices there are security and privacy concerns. We describe the architecture and components of a LEMS and provide a survey of security and privacy concerns associated with data acquisition and control within a LEMS. Our scenarios specifically focus on the integration of Electric Vehicles (EV) and Energy Storage Units (ESU) at the building premises, to identify how EVs/ESUs can be used to store energy and reduce the electricity costs of the building. We review security strategies and identify potential security attacks that could be carried out on such a system, while exploring vulnerable points in the system. Additionally, we will systematically categorize each vulnerability and look at potential attacks exploiting that vulnerability for LEMS. Finally, we will evaluate current counter measures used against these attacks and suggest possible mitigation strategies

    Application of smart contracts in the Internet of Things

    Blockchain is one of the most innovative technologies of our time thanks to its ability to ensure the integrity of transactions and authenticity between any entities connected to the Internet, in a decentralized manner. The advantages Blockchain offers include the permanent and immutable nature of records on the chain and the ability to execute smart contracts. The Internet of Things (IoT) is a concept that refers to interconnecting different devices over the Internet, which can bring many benefits to society in different ways, but at the same time it is very important to research and propose the best solution to protect the security of data and of communications among all interconnected devices. This constitutes a great challenge. This research project focuses on the search for and analysis of different Blockchain platforms on which smart contracts can be developed and which thereby support the interaction between devices that the IoT proposes; and on the collection and study of the vulnerabilities detected and how they behave with respect to scalability, system complexity and the factors of the consensus protocol. The expected result is, in the context of integrating smart contracts between Blockchain and the Internet of Things, to find the opportunities and solve the challenges of this integration in order to protect the security of data and of communications, guaranteeing the integrity of transactions and a secure ecosystem for interconnected devices. Track: Computer security. Red de Universidades con Carreras en Informátic

    Resource identification in fog-to-cloud systems: toward an identity management strategy

    Fog-to-Cloud (F2C) is a novel paradigm aiming at extending the cloud computing capabilities to the edge of the network through the hierarchical and coordinated management of both, centralized cloud datacenters and distributed fog resources. It will allow all kinds of devices that are capable to connect to the F2C network to share its idle resources and access both, service provider and third parties’ resources to expand its own capabilities. However, despite the numerous advantages offered by the F2C model, such as the possibility of offloading delay-sensitive tasks to a nearby device and using the cloud infrastructure in the execution of resource-intensive tasks, the list of open challenges that needs to be addressed to have a deployable F2C system is pretty long. In this paper we focus on the resource identification challenge, proposing an identity management system (IDMS) solution that starts assigning identifiers (IDs) to the devices in the F2C network in a decentralized fashion using hashes and afterwards, manages the usage of those IDs applying a fragmentation technique. The obtained results during the validation phase show that our proposal not only meets the desired IDMS characteristics, but also that the fragmentation strategy is aligned with the constrained nature of the devices in the lowest tier of the network hierarchy. Peer Reviewed. Postprint (author's final draft

    Hybrid intrusion detection in connected self-driving vehicles

    Emerging self-driving vehicles are vulnerable to different attacks due to the principle and the type of communication systems that are used in these vehicles. These vehicles are increasingly relying on external communication via vehicular ad hoc networks (VANETs). VANETs add new threats to self-driving vehicles that contribute to substantial challenges in autonomous systems. These communication systems render self-driving vehicles vulnerable to many types of malicious attacks, such as Sybil attacks, Denial of Service (DoS), black hole, grey hole and wormhole attacks. In this paper, we propose an intelligent security system designed to secure external communications for self-driving and semi self-driving cars. The proposed scheme is based on Proportional Overlapping Score (POS) to decrease the number of features found in the Kyoto benchmark dataset. The hybrid detection system relies on the Back Propagation neural networks (BP), to detect a common type of attack in VANETs: Denial-of-Service (DoS). The experimental results show that the proposed BP-IDS is capable of identifying malicious vehicles in self-driving and semi self-driving vehicles

    An Insight into Sybil Attacks – A Bibliometric Assessment

    The Sybil attack poses a significant security concern in both centralized and distributed network environments, wherein a malicious adversary sabotages the network by impersonating several nodes, called Sybil nodes. A Sybil attacker creates different identities for a single physical device to deceive other benign nodes, and also uses these fake identities to hide from the detection process, thereby introducing a lack of accountability in the network. In this paper, we have thoroughly discussed the Sybil attack, including its types, attack mechanisms, and the mitigation techniques that are in use today for the detection and prevention of such attacks. Subsequently, we have discussed the impact of the Sybil attack in various application domains and performed a bibliometric assessment in the top four scholarly databases. This will help the research community to quantitatively analyze the recent trends to determine the future research direction for the detection and prevention of such attacks.