Many threats on the Internet endanger the information of users who access the network every day from devices in their homes or organizations. In many cases these homes and organizations lack sufficient security controls and end up exposed to threats that keep growing over time. This article therefore proposes the validation of a cybersecurity framework that mitigates and reduces risk and raises security levels by implementing controls for homes and organizations using emerging technologies such as IoT, Blockchain and Deep Learning. The work followed an action-research methodological approach, starting from the improvement of the process in search of transformation. The result is the integration of the aforementioned methodologies to detect possible malicious hosts within an internal network through intelligent analysis of the traffic that passes through that network, so that rules for intrusion detection systems (IDS) are generated automatically. These rules can in turn be distributed through a secure channel using Blockchain technology, which guarantees the integrity of the rules and maintains the immutability and synchronization of the same information across all devices connected to the framework.
For organizations today it is very important to have frameworks that can automate certain processes that lead to additional costs for them. Automation becomes especially important when the processes are related to cybersecurity, since it is a critical topic that must be kept up to date with the latest technological developments, because new vulnerabilities are found as time goes by. For this reason, this work proposes an architecture for a cybersecurity framework based on emerging technologies that automates rule generation and stores the information of alerts generated by possible intrusions with its integrity preserved over time, all using IoT devices that are connected and securely authenticated to a Blockchain that stores the full list of rules and the possible alerts generated by particular intrusions. The rules are generated automatically by a Deep Learning algorithm that analyzes the traffic the IoT device sends to the cloud, using an IDS that monitors the traffic passing through a given network and stores it temporarily on the device until it is sent to the cloud. The architecture also proposes an application layer that includes the users, who can manage the IoT devices and the configuration for their connection to the Blockchain, as well as manage rules and monitor the traffic being received from the devices involved.
This article presents a systematic review to determine the guidelines that allow the construction of an architecture based on emerging IoT technologies, artificial intelligence techniques, and the monitoring and storage of malicious traffic, in order to safeguard information. The motivation is that there are security flaws in IoT devices, which are intercepted by malicious systems that perform unwanted actions without the consent of the user, causing damage and theft of data. Three phases were established. In the first phase, an exhaustive search for information was carried out in specialized databases, and the results were selected and classified for the development of the guidelines. In the second phase, the information collected was identified and analyzed to define an appropriate algorithm for the study, the emerging technologies and the key components of the cybersecurity system. Finally, the third phase defined the necessary and pertinent guidelines for the construction of an architecture based on emerging technologies.