Monitoring Real Time Security Attacks for IoT Systems Using DevSecOps: A Systematic Literature Review

Bahaa, Ahmed; Abdelaziz, Ahmed; Sayed, Abdalla; El-Fangary, Laila M.; Fahmy, Hanan

doi:10.3390/info12040154

Cited by 24 publications

(12 citation statements)

References 76 publications

(68 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…(2016) , present a multi-layer hardware Trojan authentication architecture for IoT devices to guarantee their validity in the network. In Bahaa et al. (2021) ; Dey et al.…”

Section: Introductionmentioning

confidence: 99%

Emerging IoT Applications in Sustainable Smart Cities for COVID-19: Network Security and Data Preservation Challenges with Future Directions

Adil

Khan

2021

Sustainable Cities and Society

View full text Add to dashboard Cite

COVID-19 is a global infectious disease that can be easily spread by the contiguity of infected people. To prevent from COVID-19 and reduce its impact in sustainable smart cities, the global research communities are working relentlessly by harnessing the emerging technologies to develop the safest diagnosis, evaluation, and treatment procedures, and Internet of Things (IoT) is one of the pioneers among them. IoT can perform a pivotal role to diminish its immense contagious rate by suitable utilization in emerging healthcare IoT applications in sustainable smart cities. Therefore, the focus of this paper is to outline a survey of the emerging healthcare IoT applications practiced in the perspective of COVID-19 pandemic in terms of network architecture security, trustworthiness, authentication, and data preservation followed by identifying existing challenges to set the future research directions. The salient contributions of this work deal with the accomplishment of a detailed and comprehensive literature review of COVID-19 starting from 2019 through 2021 in the context of emerging healthcare IoT technology. In addition, we extend the correlated contributions of this work by highlighting the weak aspects of the existing emerging healthcare IoT applications, security of different network layers and secure communication environment followed by some associated requirements to address these challenges. Moreover, we also identify future research directions in sustainable smart cities for emerging healthcare IoT utilization in the context of COVID-19 with the most productive results and least network implementation costs.

show abstract

“…(2016) , present a multi-layer hardware Trojan authentication architecture for IoT devices to guarantee their validity in the network. In Bahaa et al. (2021) ; Dey et al.…”

Section: Introductionmentioning

confidence: 99%

Emerging IoT Applications in Sustainable Smart Cities for COVID-19: Network Security and Data Preservation Challenges with Future Directions

Adil

Khan

2021

Sustainable Cities and Society

View full text Add to dashboard Cite

show abstract

“…The search process includes selecting the digital repositories, constructing a search string, conducting an initial search, and retrieving the first primary studies collection. Five digital repositories have been utilized in many SLRs [78]: Springer Link, Science Direct, Association for Computer Machinery (ACM), Scopus, and IEEE Xplore. Following the digital repository selection, a search string was necessary to conduct a comprehensive search and choose the related primary studies.…”

Section: Review Protocolmentioning

confidence: 99%

“…Credential access [28] Pass hash [79,82,83,117,118] Man-in-the-middle [119] Password cracking [120] Eavesdropping [78,[80][81][82]85,87,97,105,107,111,[121][122][123] Social engineering Discovery [124] Probe [100,125] Lateral/Internal spear-phishing emails Lateral movement [108] Data leakage Collection Cloud data leakage [126] Removable device C&C and Exfiltration Tunneling over protocol [3,76,79,81,92,97,111,115,[124][125][126][127][128][129][130] DOS Impact [4,82,131] Botnet [108] Software update Data fabrication In this section, the findings and analysis of Research Question 1 related to APT features are presented. APT is a hard-to-detect cyber threat group or campaign that may use familiar attacks (such as spear phishing, watering hole, appl...…”

Section: Analysis and Findings Of Research Questionsmentioning

confidence: 99%

“…Social engineering-In order to obtain information and gain access to a system, social engineering attacks often target people as their primary target. Most APT attackers use this technique to gather information about the targeted user at the reconnaissance stage, moving laterally to other systems or figuring out the compromised systems [78,[80][81][82]85,87,97,105,107,111,[121][122][123]; 2.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Exploration of Mobile Device Behavior for Mitigating Advanced Persistent Threats (APT): A Systematic Literature Review and Conceptual Framework

Jabar

Singh

2022

Sensors

View full text Add to dashboard Cite

During the last several years, the Internet of Things (IoT), fog computing, computer security, and cyber-attacks have all grown rapidly on a large scale. Examples of IoT include mobile devices such as tablets and smartphones. Attacks can take place that impact the confidentiality, integrity, and availability (CIA) of the information. One attack that occurs is Advanced Persistent Threat (APT). Attackers can manipulate a device’s behavior, applications, and services. Such manipulations lead to signification of a deviation from a known behavioral baseline for smartphones. In this study, the authors present a Systematic Literature Review (SLR) to provide a survey of the existing literature on APT defense mechanisms, find research gaps, and recommend future directions. The scope of this SLR covers a detailed analysis of most cybersecurity defense mechanisms and cutting-edge solutions. In this research, 112 papers published from 2011 until 2022 were analyzed. This review has explored different approaches used in cybersecurity and their effectiveness in defending against APT attacks. In a conclusion, we recommended a Situational Awareness (SA) model known as Observe–Orient–Decide–Act (OODA) to provide a comprehensive solution to monitor the device’s behavior for APT mitigation.

show abstract

“…Dynamic analysis and extensive penetration testing are done to reveal any vulnerabilities that might be potentially exploited. However, while there has been work on developing a DevSecOps (Myrbakken 2017) models for Cloud applications (Rajasekharaiah 2021) (Kumar 2021) and IoT systems (Bahaa 2021) (Wolf 2021) there is no work in the literature on DevSecOps for MQTT specifically.…”

Section: Introductionmentioning

confidence: 99%

Novel DevSecOps Model for Robust Security in an MQTT Internet of Things

Ekoramaradhya

Thorpe

2022

iccws

View full text Add to dashboard Cite

Message Queuing Telemetry Transport (MQTT) is a standard messaging protocol for the Internet of Things (IoT). Among the various communication protocols used in IoT, MQTT stands unique because of its multiple advantages such as being efficient and light weight, reliability in message delivery and scalability to millions of things. However, the fact that the data privacy of the MQTT messages can be compromised while the data is in transit poses risks to the security mechanism. Attack scenarios related to MQTT have exposed multiple risks and vulnerabilities such as thousands of MQTT brokers being accessible over the default port, data privacy, authentication, data integrity, port obscurity, and botnet over MQTT. These risks and vulnerabilities undermine security mechanism which results in compromised IoT systems. Development Security and Operations (DevSecOps) aims at integrating security at every phase of the IoT lifecycle with enhanced automation, tools, and a process for determining security vulnerabilities at every stage. This results in a rapid and cost-effective IoT system which is enabled by proactive security mechanisms, threat prediction, threat detection, and alerting mechanisms. The aim of this work is to build a DevSecOps pipeline utilizing open source MQTT servers and brokers. A comparative study was performed to identify the risk posture provided by the DevSecOps pipeline across MQTT ports offering different combinations of security mechanisms. Firstly, threat modelling was conducted wherein the IoT system was analyzed at an architectural level from an attacker’s perspective and appropriate risk mitigation and defense mechanisms were accommodated into the design. The IoT system was then subjected to rigorous static and dynamic analysis followed by vulnerability scanning and third component checks. Penetration test cases and controls are automated to check threats and vulnerabilities like escalation of privileges, denial of service, spoofing, information disclosure, and repudiation. An alerting mechanism is also integrated into the system to monitor risks and vulnerabilities. Our proposed DevSecOps models achieves standard maturity in security systems with earlier threat prediction and detection.

show abstract

Monitoring Real Time Security Attacks for IoT Systems Using DevSecOps: A Systematic Literature Review

Cited by 24 publications

References 76 publications

Emerging IoT Applications in Sustainable Smart Cities for COVID-19: Network Security and Data Preservation Challenges with Future Directions

Emerging IoT Applications in Sustainable Smart Cities for COVID-19: Network Security and Data Preservation Challenges with Future Directions

Exploration of Mobile Device Behavior for Mitigating Advanced Persistent Threats (APT): A Systematic Literature Review and Conceptual Framework

Novel DevSecOps Model for Robust Security in an MQTT Internet of Things

Contact Info

Product

Resources

About