Digital certificate-based port knocking for connected embedded systems

Mahbooba, Basim; Schukat, Michael

doi:10.1109/issc.2017.7983645

Cited by 6 publications

(6 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…With the increase in attacks on IoT devices, the focus has turned towards the port knocking feature and finding the kind of algorithms that can be used in the Internet of Things environment. Due to the popularity of IoT, a lot of research has been directed towards IoT threats, vulnerabilities, attacks, limitations, authentication, and challenges [4], [5], [6], [14], [15], [21]. Many researchers have also examined the security of IoT and possible countermeasures.…”

Section: Related Workmentioning

confidence: 99%

Empirical Analysis of Security and Power-Saving Features of Port Knocking Technique Applied to an IoT Device

Bokhari

Inoue

Kato

et al. 2021

Journal of Information Processing

View full text Add to dashboard Cite

The digital boom brought empowerment to seamless connectivity by enabling manufacturers to harness the power of the Internet into their products, opening up the world of the Internet of Things (IoT). However, such connectivity has also brought the side effect of such power being abused by unscrupulous agents, who scan open ports for services and exploit vulnerabilities in the system. The Mirai botnet malware attack is one such example that caused havoc by compromising millions of IoT devices having unpatched/weaker security. There is an increasing need to enable IoT devices to be fully patched and secured, but such methods are often under attack. This paper examines a stealth technology and its impact on the CPU and power consumption to secure resource-constraint IoT devices that are growing exponentially. By enabling secure remote operations and management of such devices using a unique but practical method of security called "Port Knocking," we can ensure timely patching of security vulnerabilities in a safe and stealthy manner. Our experimental results on a resource-constraint IoT device show that port knocking not only secures the device and provides a secure remote management option but also helps in keeping its power consumption low. The results obtained make it an effective security layer for securing resource-constraint IoT devices.

show abstract

Section: Related Workmentioning

confidence: 99%

Empirical Analysis of Security and Power-Saving Features of Port Knocking Technique Applied to an IoT Device

Bokhari

Inoue

Kato

et al. 2021

Journal of Information Processing

View full text Add to dashboard Cite

show abstract

“…UDP was chosen as the transport protocol for sending the values, as TCP connection-based overhead and interactivity were not deemed necessary nor applicable, respectively, to minimalist design goals. ICMP traffic could be an alternative, though nothing was found in the literature to support this approach, whereas [12], [47], [48] provide justifications for choosing UDP. Python's native socket library was used to send the knock packet, where the server IP and destination port values are both taken from the client profile, the former being user input from stdin, and the latter being randomly generated.…”

Section: Client Actionsmentioning

confidence: 99%

An authentication protocol based on chaos and zero knowledge proof

2020

View full text Add to dashboard Cite

Port Knocking is a method for authenticating clients through a closed stance firewall, and authorising their requested actions, enabling severs to offer services to authenticated clients, without opening ports on the firewall. Advances in port knocking have resulted in an increase of complexity in design, preventing port knocking solutions from realising their potential. This paper proposes a novel port knocking solution, named Crucible, which is a secure method of authentication, with high usability and features of stealth, allowing servers and services to remain hidden and protected. Crucible is a stateless solution, only requiring the client memorise a command, the server's IP and a chosen password. The solution is forwarded as a method for protecting servers against attacks ranging from port scans, to zero-day exploitation. To act as a random oracle for both client and server, cryptographic hashes were generated through chaotic systems.

show abstract

“…Ada beberapa penelitian sebelumnya yang membahas terkait keamanan jaringan, yakni penelitian yang dilakukan oleh Basim Mahbooba, et al [5], yang membahas penguncian port berbasis sertifikat digital untuk menghubungkan sistem yang embedded pada IoT.…”

Section: Penelitian Terkaitunclassified

Analisis Dan Desain Jalur Transmisi Jaringan Alternatif Menggunakan Virtual Private Network (Vpn)

Amarudin

Riskiono

2019

JTI

View full text Add to dashboard Cite

Penelitian ini bertujuan untuk menganalisis pemanfaatan jalur transmisi jaringan dan keamanan jaringan pada Universitas Teknokrat Indonesia khususnya pada jalur jaringan di gedung pusat (Gd.A) dengan gedung Fakultas Sastra dan Ilmu Pendidikan (Gd.B). Berdasarkan hasil observasi dan wawancara dengan tim IT Pustik, penulis menemukan sebuah kelemahan dalam membangun sistem jaringan tersebut. Kelemahan dari implementasi jaringan yang digunakan selama ini yaitu jalur transmisi data antar gedung (Gd.A dan Gd.B) tidak dilengkapi dengan jalur alternatif untuk mengakses kedua gedung tersebut. Sehingga jika media transmisi antar gedung (Gd.A dan Gd.B) ada trouble, maka antar gedung tersebut tidak bisa saling askses. Padahal masing-masing gedung bisa terkoneksi ke jalur internet. Jadi, secara tidak langsung pemanfaatan jalur internet antar gedung tersebut belum maksimal. Oleh karena itu, perlu dirancang sebuah jalur alternatif yaitu menggunakan protokol Virtual Private Network (VPN). Dimana jalur ini akan digunakan jika jalur normal (eksisting) ada masalah. Jalur alternatif ini juga dilengkapi dengan sistem keamanan jaringan yang dapat berfungsi untuk mengenkripsi semua data yang ditransmisikan pada jalur tersebut. Berdasarkan hasil eksperiman dan analisis yang dilakukan, penulis menemukan bahwa penerapan jalur alternatif menggunakan protocol Virtual Private Network (VPN) sangat cocok untuk diterapkan. Walaupun protokol VPN ini lebis secure, akan tetapi pemanfaatan VPN ini juga terdapat kelemahan lain yang ditemukan. Yaitu ketika pada Gd.B tidak bisa mengakses internet, maka jalur alternatif (jalur VPN) tidak bisa digunakan. Sehingga pada Gd.B tersebut dibutuhkan perangkat tambahan (Modem), agar bisa mengakses internet sehingga dapat mengakses jalur VPN yang telah dibangun.Kata Kunci: Virtual Private Network (VPN), Jalur Alternatif, Keamanan Jaringan.

show abstract

Digital certificate-based port knocking for connected embedded systems

Cited by 6 publications

References 8 publications

Empirical Analysis of Security and Power-Saving Features of Port Knocking Technique Applied to an IoT Device

Empirical Analysis of Security and Power-Saving Features of Port Knocking Technique Applied to an IoT Device

An authentication protocol based on chaos and zero knowledge proof

Analisis Dan Desain Jalur Transmisi Jaringan Alternatif Menggunakan Virtual Private Network (Vpn)

Contact Info

Product

Resources

About