Internal interface diversification as a security measure in sensor networks

More actuator and sensor devices are connected to the Internet of Things (IoT) every day, and the network keeps growing, while software security of the devices is often incomplete. Sensor networks and the IoT in general currently cover a large number of devices with an identical internal interface structure. By diversifying the internal interfaces, the interfaces on each node of the network are made unique, and it is possible to break the software monoculture of easily exploitable identical systems. This paper proposes internal interface diversification as a security measure for sensor networks. We conduct a study on diversifiable internal interfaces in 20 IoT operating systems. We also present two proof-of-concept implementations and perform experiments to gauge the feasibility in the IoT environment. Internal interface diversification has practical limitations, and not all IoT operating systems have that many diversifiable interfaces. However, because of low resource requirements, compatibility with other security measures and wide applicability to several interfaces, we believe internal interface diversification is a promising and effective approach for securing nodes in sensor networks.</p

Diversification and obfuscation techniques for software security: A systematic literature review

Context: Diversification and obfuscation are promising techniques for securing software and protecting computers from harmful malware. The goal of these techniques is not removing the security holes, but making it difficult for the attacker to exploit security vulnerabilities and perform successful attacks.Objective: There is an increasing body of research on the use of diversification and obfuscation techniques for improving software security; however, the overall view is scattered and the terminology is unstructured. Therefore, a coherent review gives a clear statement of state-of-the-art, normalizes the ongoing discussion and provides baselines for future research.Method: In this paper, systematic literature review is used as the method of the study to select the studies that discuss diversification/obfuscation techniques for improving software security. We present the process of data collection, analysis of data, and report the results.Results: As the result of the systematic search, we collected 357 articles relevant to the topic of our interest, published between the years 1993 and 2017. We studied the collected articles, analyzed the extracted data from them, presented classification of the data, and enlightened the research gaps.Conclusion: The two techniques have been extensively used for various security purposes and impeding various types of security attacks. There exist many different techniques to obfuscate/diversify programs, each of which targets different parts of the programs and is applied at different phases of software development life-cycle. Moreover, we pinpoint the research gaps in this field, for instance that there are still various execution environments that could benefit from these two techniques, including cloud computing, Internet of Things (IoT), and trusted computing. We also present some potential ideas on applying the techniques on the discussed environments.</p

2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom)

The development of cloud computing has facilitate the organizations with its services. This makes the security and privacy of the cloud even more significant. Diversification and obfuscation approaches are of the most promising proactive techniques that protect computers from harmful malware, by preventing them to take advantage of the security vulnerabilities. There is a large body of research on the use of diversification and obfuscation techniques for improving the security in various domains, including cloud computing. Cloud computing provides an excellent setting for applying diversification/obfuscation, as the computing platforms (virtual machines) are implemented in software. The main objective of this study is to determine in what ways obfuscation and diversification techniques are used to enhance the security and privacy of the cloud computing, and discover the potential avenues for the further research. To achieve this goal, we systematically review and report the papers that discuss/propose a technique to enhance the security and privacy of the cloud, using diversification and obfuscation techniques. As the result of the search we collected 43 papers published on the topic. In this report we present the process of data collection, analysis of the results, and classification of the related studies. The classification is done based on how the diversification/obfuscation techniques are used to enhance the security in cloud computing environment. The presented study gives a clear view of the state of the art of the existing works in the field, and sheds light on the areas remained intact which could be avenues for further research. The existing works cover surprisingly a small set of the wealth of opportunities for diversification/obfuscation.</p

Recent Trends in Applying TPM to Cloud Computing

Trusted platform modules (TPM) have become important safe-guards against variety of software-based attacks. By providing a limited set of cryptographic services through a well-defined interface, separated from the software itself, TPM can serve as a root of trust and as a building block for higher-level security measures. This article surveys the literature for applications of TPM in the cloud-computing environment, with publication dates comprised between 2013 and 2018. It identifies the current trends and objectives of this technology in the cloud, and the type of threats that it mitigates. Toward the end, the main research gaps are pinpointed and discussed. Since integrity measurement is one of the main usages of TPM, special attention is paid to the assessment of run time phases and software layers it is applied to.info:eu-repo/semantics/publishedVersio

Internal Interface Diversification as a Security Measure in Sensor Networks

More actuator and sensor devices are connected to the Internet of Things (IoT) every day, and the network keeps growing, while software security of the devices is often incomplete. Sensor networks and the IoT in general currently cover a large number of devices with an identical internal interface structure. By diversifying the internal interfaces, the interfaces on each node of the network are made unique, and it is possible to break the software monoculture of easily exploitable identical systems. This paper proposes internal interface diversification as a security measure for sensor networks. We conduct a study on diversifiable internal interfaces in 20 IoT operating systems. We also present two proof-of-concept implementations and perform experiments to gauge the feasibility in the IoT environment. Internal interface diversification has practical limitations, and not all IoT operating systems have that many diversifiable interfaces. However, because of low resource requirements, compatibility with other security measures and wide applicability to several interfaces, we believe internal interface diversification is a promising and effective approach for securing nodes in sensor networks

Proceedings of the 2016 IEEE International Conference on Internet of Things IEEE Green Computing and Communications IEEE Cyber, Physical, and Social Computing IEEE Smart Data

 Internet of Things (IoT) is a swiftly growing technology and business domain that is expected to revolutionize the modern trade. Nonetheless, shortcomings in security are common in this new domain and security issues are the Achilles' heel of the new technology.In this study, we analyze different security solutions for IoT devices and propose suitable techniques for further analysis. The aim of this study is to provide guidance on implementing security solutions for both existing and coming devices of Internet of Things, by providing analysis and defining the Complexity of Implementation score for each solution.</p

Diversification and Obfuscation Techniques for Software Security: a Systematic Literature Review

Abstract Context: Diversification and obfuscation are promising techniques for securing software and protecting computers from harmful malware. The goal of these techniques is not removing the security holes, but making it difficult for the attacker to exploit security vulnerabilities and perform successful attacks. Objective: There is an increasing body of research on the use of diversification and obfuscation techniques for improving software security; however, the overall view is scattered and the terminology is unstructured. Therefore, a coherent review gives a clear statement of state-of-the-art, normalizes the ongoing discussion and provides baselines for future research. Method: In this paper, systematic literature review is used as the method of the study to select the studies that discuss diversification/obfuscation techniques for improving software security. We present the process of data collection, analysis of data, and report the results. Results: As the result of the systematic search, we collected 357 articles relevant to the topic of our interest, published between the years 1993 and 2017. We studied the collected articles, analyzed the extracted data from them, presented classification of the data, and enlightened the research gaps. Conclusion: The two techniques have been extensively used for various security purposes and impeding various types of security attacks. There exist many different techniques to obfuscate/diversify programs, each of which targets different parts of the programs and is applied at different phases of software development life-cycle. Moreover, we pinpoint the research gaps in this field, for instance that there are still various execution environments that could benefit from these two techniques, including cloud computing, Internet of Things (IoT), and trusted computing. We also present some potential ideas on applying the techniques on the discussed environments.publishedVersionPeer reviewe