The Internet of Things and Fog Computing are technologies currently used in many areas. They can be applied to provide a residential automation environment, for example, fire alarm applications, gas leak alarms, among others. Security-related searches for these fog-based environments are still in the early stages. Also, the fact that these environments are connected to the Internet makes them vulnerable to various threats, such as Denial of Service (DoS) attacks. In this work, we propose a module for detection and prevention of DoS attacks, that operates in the system's fog layer, to protect the system from external attacks. Practical experiments were carried out with the proposed module, considering a Raspberry Pi 3B as our fog server. The results obtained demonstrates that the approach is capable of detecting external attacks, as well as blocking the IPs from attackers, using less than 20% of cpu and less than 1% of RAM memory usage.A Internet das Coisas e a Computação por Névoa são tecnologias usadas atualmente em muitas áreas. Eles podem ser aplicados para fornecer um ambiente de automação residencial, por exemplo, aplicações de alarme de incêndio, alarmes de vazamento de gás, entre outros. As pesquisas relacionadas à segurança desses ambientes baseados em neblina ainda estão nos estágios iniciais. Além disso, o fato de esses ambientes estarem conectados à Internet os torna vulneráveis a várias ameaças, como ataques de negação de serviço (DoS). Neste trabalho, propomos um módulo para detecção e prevenção de ataques de negação de serviço, que opera na camada de neblina do sistema, para proteger o sistema contra ataques externos. Experimentos práticos foram realizados com o módulo proposto, considerando um Raspberry Pi 3B como nosso servidor de neblina. Os resultados obtidos demonstram que a abordagem é capaz de detectar ataques externos, além de bloquear os IPs dos invasores, usando menos de 20% da CPU e menos de 1% do uso de memória RAM.Palavras-Chave: Dos Attack; Computação em nevoeiro; Ambientes inteligentes.
23943Finally, in the UDP Flood attack, the attacker sends several packets with UDP datagram to the servers. The UDP protocol does not need to make any connection establishment before sending the data. Also, it does not guarantee that the data arrives correctly to the destination, so it is an untrusted protocol. This protocol has little control information, making it smaller and faster, so it is widely used in real-time applications and also in the communication between IoT objects [Cabrera et al. 2001].The following are the concepts related to IDS, an important security mechanism.
Intrusion Detection and PreventionThe first step in securing a networked system is to detect the attack, even if it is unable to prevent it, so intrusion detection can be considered the first line of defense in any security system [Kabiri and Ghorbani 2005]. Intrusion Detection Systems (IDS) are security tools [Garcia-Teodoro et al. 2009] that aim to defend a system, executing countermeasures or generating alerts for an entit...