Selective Forwarding Attack on IoT Home Security Kits

Hariri, Ali; Giannelos, Nicolas; Arief, Budi

doi:10.1007/978-3-030-42048-2_23

Cited by 7 publications

(3 citation statements)

References 6 publications

(6 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The global monitoring capability and the infrastructure of fog computing are exploited in [30]. The vulnerability of home security devices to the SFA is demonstrated with some recommendations and solutions [31]. The authors of [20] propose one of the earliest IDS for the IoT to prevent the sink-hole attack and the SFA.…”

Section: Related Workmentioning

confidence: 99%

A Novel Countermeasure for Selective Forwarding Attacks in IoT Networks

Yaman

Sokat

Ayav

et al. 2022

2022 3rd International Informatics and Software Engineering Conference (IISEC)

View full text Add to dashboard Cite

As the Internet of Things (IoT) devices become more widespread there are rising public concerns about whether or not IoT devices and their services are secure. One of the major threats they face is selective forwarding attacks performed by malicious nodes. Although packets can be lost inherently due to network conditions, malicious nodes, such as those performing blackhole attacks, may deliberately drop some, but not all of them. Therefore, distinguishing these nodes from legitimate ones is not so easy. This study has proposed a lightweight countermeasure to deal with this kind of attack in IoT networks, using the standard IPv6 Routing Protocol for Low Power and Lossy Networks (RPL). The mechanism is based on Mobile Trusted Nodes (MTNs). For the given threat model, we showed that our model has robust detection accuracy and brings no additional overhead to the network.

show abstract

Section: Related Workmentioning

confidence: 99%

A Novel Countermeasure for Selective Forwarding Attacks in IoT Networks

Yaman

Sokat

Ayav

et al. 2022

2022 3rd International Informatics and Software Engineering Conference (IISEC)

View full text Add to dashboard Cite

show abstract

“…Currently, the Internet of Things (IoT) devices, such as industrial control and wearable devices, are becoming an important part of cyberspace and play an indispensable role in daily human life. However, due to the limitation of hardware resources, IoT devices usually cannot integrate sophisticated security detection or protection mechanisms and tend to be victims of cyber attacks [1]. Meanwhile, due to the lack of management, compromised IoT devices may lose control or be abused as a foothold for further network attacks for a long time before being noticed [2].…”

Section: Introductionmentioning

confidence: 99%

WYSIWYG: IoT Device Identification Based on WebUI Login Pages

Wang¹,

Li²,

Jing³

et al. 2022

Sensors

View full text Add to dashboard Cite

With the improvement of intelligence and interconnection, Internet of Things (IoT) devices tend to become more vulnerable and exposed to many threats. Device identification is the foundation of many cybersecurity operations, such as asset management, vulnerability reaction, and situational awareness, which are important for enhancing the security of IoT devices. The more information sources and the more angles of view we have, the more precise identification results we obtain. This study proposes a novel and alternative method for IoT device identification, which introduces commonly available WebUI login pages with distinctive characteristics specific to vendors as the data source and uses an ensemble learning model based on a combination of Convolutional Neural Networks (CNN) and Deep Neural Networks (DNN) for device vendor identification and develops an Optical Character Recognition (OCR) based method for device type and model identification. The experimental results show that the ensemble learning model can achieve 99.1% accuracy and 99.5% F1-Score in the determination of whether a device is from a vendor that appeared in the training dataset, and if the answer is positive, 98% accuracy and 98.3% F1-Score in identifying which vendor it is from. The OCR-based method can identify fine-grained attributes of the device and achieve an accuracy of 99.46% in device model identification, which is higher than the results of the Shodan cyber search engine by a considerable margin of 11.39%.

show abstract

“…Due to resource constraints and insecure designs, IoT devices are prone to be involved in cyber-attacks, ranging from being the target [22,45] to being exploited to create a botnet to mount a massive Distributed Denial of Service attack [3,16]. Therefore, it is necessary and desirable to be able to automatically detect whether certain IoT devices might be vulnerable or could be exploited in cyber-attacks.…”

Section: Introductionmentioning

confidence: 99%

Position paper

Yadav

Feraudo

Arief

et al. 2020

Proceedings of the 2nd International Workshop on Challenges in Artificial Intelligence and Machine Learning for Internet of Thi

Self Cite

View full text Add to dashboard Cite

The popularity of the Internet of Things (IoT) devices makes it increasingly important to be able to fingerprint them, for example in order to detect if there are misbehaving or even malicious IoT devices in one's network. However, there are many challenges faced in the task of fingerprinting IoT devices, mainly due to the huge variety of the devices involved. At the same time, the task can potentially be improved by applying machine learning techniques for better accuracy and efficiency. The aim of this paper is to provide a systematic categorisation of machine learning augmented techniques that can be used for fingerprinting IoT devices. This can serve as a baseline for comparing various IoT fingerprinting mechanisms, so that network administrators can choose one or more mechanisms that are appropriate for monitoring and maintaining their network. We carried out an extensive literature review of existing papers on fingerprinting IoT devices-paying close attention to those with machine learning features. This is followed by an extraction of important and comparable features among the mechanisms outlined in those papers. As a result, we came up with a key set of terminologies that are relevant both in the fingerprinting context and in the IoT domain. This enabled us to construct a framework called IDWork, which can be used for categorising existing IoT fingerprinting mechanisms in a way that will facilitate a coherent and fair comparison of these mechanisms. We found that the majority of the IoT fingerprinting mechanisms take a passive approach-mainly through network sniffing-instead of being intrusive and interactive with the device of interest. Additionally, a significant number of the surveyed mechanisms employ both static and dynamic approaches, in order to benefit from complementary features that can be more robust against certain attacks such as spoofing and replay attacks. CCS CONCEPTS • Security and privacy → Biometrics; • Networks → Layering; • Computer systems organization → Sensor networks; • Computing methodologies → Machine learning approaches; Modeling methodologies; • General and reference → Measurement.

show abstract

Selective Forwarding Attack on IoT Home Security Kits

Abstract: The version in the Kent Academic Repository may differ from the final published version. Users are advised to check http://kar.kent.ac.uk for the status of the paper. Users should always cite the published version of record.

Cited by 7 publications

References 6 publications

A Novel Countermeasure for Selective Forwarding Attacks in IoT Networks

A Novel Countermeasure for Selective Forwarding Attacks in IoT Networks

WYSIWYG: IoT Device Identification Based on WebUI Login Pages

Position paper

Contact Info

Product

Resources

About