Publicação
Integrating an intrusion detection system with heterogeneous IoT endpoint devices
| Resumo: | With the technological development, the world is witnessing a phenomenon that can be described as a flooding of gadgets and electronic devices in everyone’s daily life, both for work and personal usage. Due to this continuous increasing of development and deployment of gadgets, the IoT is continuously increasing its presence in city houses, companies and streets, with various devices that can work as sensors and/or actuators for many purposes. The quick growth of this industry is leading to the manufacturers the prioritizing production of devices with smaller dimensions, higher efficiency concerning energy consumption, greater processing capabilities and, ultimately, at a reduced cost. Meanwhile, it has been observed that these devices, and the networks in which they are integrated, still remain very vulnerable and require stronger protection mechanisms. Therefore, there is an obvious urgency in the development of appropriate solutions to protect businesses, consumers, and critical infrastructure as well as ensuring greater reliability on these devices. Hereupon, this dissertation consists in the development of the IDIoT, an IDS for the IoT, designed for heterogeneous endpoint devices. This system improves endpoint devices security with network layer control by being able to detect and correct to the most popular attacks targeting low-end devices, such as DoS and routing attacks. Since it targets low-end devices, this mechanism must require the smallest memory footprint possible, without sacrificing the energy consumption and the overall system performance. Throughout this dissertation, several IDS systems and possible attacks are studied in order to endow IDIoT with the best possible features. In order to test the solution over a network that can represent real world scenarios, the IDIoT was tested over the Cooja simuator, which is a network simulator that is able to emulate several IoT motes under a chosen network topology. Furthermore, some experimental results are presented in order to prove the efficiency of the proposed solution, through the simulation of attacks against an emulated network where devices are running the IDIoT. At last, the conclusion and future work perspectives are presented. |
|---|---|
| Autores principais: | Alves, André Filipe Pereira |
| Assunto: | IoT IDS DoS attacks Routing attacks OSes Security Connectivity Internet of things (IoT) Intrusion detection system (IDS) Ataques DoS Ataques de mapeamento Operating system (OS) Segurança Conectividade |
| Ano: | 2020 |
| País: | Portugal |
| Tipo de documento: | dissertação de mestrado |
| Tipo de acesso: | acesso aberto |
| Instituição associada: | Universidade do Minho |
| Idioma: | inglês |
| Origem: | RepositóriUM - Universidade do Minho |
| Resumo: | With the technological development, the world is witnessing a phenomenon that can be described as a flooding of gadgets and electronic devices in everyone’s daily life, both for work and personal usage. Due to this continuous increasing of development and deployment of gadgets, the IoT is continuously increasing its presence in city houses, companies and streets, with various devices that can work as sensors and/or actuators for many purposes. The quick growth of this industry is leading to the manufacturers the prioritizing production of devices with smaller dimensions, higher efficiency concerning energy consumption, greater processing capabilities and, ultimately, at a reduced cost. Meanwhile, it has been observed that these devices, and the networks in which they are integrated, still remain very vulnerable and require stronger protection mechanisms. Therefore, there is an obvious urgency in the development of appropriate solutions to protect businesses, consumers, and critical infrastructure as well as ensuring greater reliability on these devices. Hereupon, this dissertation consists in the development of the IDIoT, an IDS for the IoT, designed for heterogeneous endpoint devices. This system improves endpoint devices security with network layer control by being able to detect and correct to the most popular attacks targeting low-end devices, such as DoS and routing attacks. Since it targets low-end devices, this mechanism must require the smallest memory footprint possible, without sacrificing the energy consumption and the overall system performance. Throughout this dissertation, several IDS systems and possible attacks are studied in order to endow IDIoT with the best possible features. In order to test the solution over a network that can represent real world scenarios, the IDIoT was tested over the Cooja simuator, which is a network simulator that is able to emulate several IoT motes under a chosen network topology. Furthermore, some experimental results are presented in order to prove the efficiency of the proposed solution, through the simulation of attacks against an emulated network where devices are running the IDIoT. At last, the conclusion and future work perspectives are presented. |
|---|