Tytuł artykułu
Autorzy
Wybrane pełne teksty z tego czasopisma
Identyfikatory
Warianty tytułu
Konferencja
Federated Conference on Computer Science and Information Systems (14 ; 01-04.09.2019 ; Leipzig, Germany)
Języki publikacji
Abstrakty
Nowadays DDoS attacks using IoT devices are frequent and extensive. Given that IoT network instances are distributed and deployed over conventional Internet gear, DDoS countermeasures in IoT need to be fully distributed and coordinated all over the components that form each IoT instance. This paper presents a designed and prototyped distributed host-based intrusion detection systems (HIDS) that aims to protect the components of IoT network backbones, comprising conventional switches and routers. In our design, a set of the proposed HIDS executes conventional security verifications, like default username and password, known attacks signatures, monitoring the usage of resources, processes, ports and open connections, while also interacting with a Controller of the HIDS set to allow the coordination of intrusion detection actions relative to DDoS attacks all over the IoT instance. The designed distributed HIDS is evaluated in a controlled environment that, although being a local and isolated network, realistically represents IoT network instances.
Rocznik
Tom
Strony
81--88
Opis fizyczny
Bibliogr. 19 poz., wykr., tab.
Twórcy
autor
- National Science and Technology Institute on Cyber Security, Electrical Engineering Department, University of Brasília (UnB), P.O. Box 4466, Brasília–DF, Brazil, CEP 70910-900
autor
- National Science and Technology Institute on Cyber Security, Electrical Engineering Department, University of Brasília (UnB), P.O. Box 4466, Brasília–DF, Brazil, CEP 70910-900
autor
- National Science and Technology Institute on Cyber Security, Electrical Engineering Department, University of Brasília (UnB), P.O. Box 4466, Brasília–DF, Brazil, CEP 70910-900
autor
- National Science and Technology Institute on Cyber Security, Electrical Engineering Department, University of Brasília (UnB), P.O. Box 4466, Brasília–DF, Brazil, CEP 70910-900
- National Science and Technology Institute on Cyber Security, Electrical Engineering Department, University of Brasília (UnB), P.O. Box 4466, Brasília–DF, Brazil, CEP 70910-900
autor
- National Science and Technology Institute on Cyber Security, Electrical Engineering Department, University of Brasília (UnB), P.O. Box 4466, Brasília–DF, Brazil, CEP 70910-900
autor
- National Science and Technology Institute on Cyber Security, Electrical Engineering Department, University of Brasília (UnB), P.O. Box 4466, Brasília–DF, Brazil, CEP 70910-900
autor
- National Science and Technology Institute on Cyber Security, Electrical Engineering Department, University of Brasília (UnB), P.O. Box 4466, Brasília–DF, Brazil, CEP 70910-900
autor
- National Science and Technology Institute on Cyber Security, Electrical Engineering Department, University of Brasília (UnB), P.O. Box 4466, Brasília–DF, Brazil, CEP 70910-900
Bibliografia
- 1. Kaspersky. DDoS attacks in q1 2018. [Online]. Available: https://securelist.com/ddos-report-in-q1-2018/85373/
- 2. M. Antonakakis, T. April, M. Bailey, M. Bernhard, E. Bursztein, J. Cochran, Z. Durumeric, J. A. Halderman, L. Invernizzi, M. Kallitsis, D. Kumar, C. Lever, Z. Ma, J. Mason, and D. Menscher, “Understanding the Mirai Botnet,” in Proceedings of the 26th USENIX Security Symposium. Vancouver, BC, Canada: USENIX, 2017, pp. 1093–1110.
- 3. S. Hilton. Dyn Analysis Summary Of Friday October 21 Attack. [Online]. Available: https://dyn.com/blog/dyn-analysis-summary-of-friday-october-21-attack/
- 4. C. Kolias, G. Kambourakis, A. Stavrou, and J. Voas, “DDoS in the IoT: Mirai and other botnets,” Computer, vol. 50, no. 7, pp. 80–84, 2017.
- 5. “Annual CyberSecurity Report,” Cisco 2018, Tech. Rep., 2018. [Online]. Available: https://www.cisco.com/c/dam/m/digital/elq-cmcglobal/witb/acr2018/acr2018final.pdf
- 6. P. N. Raju, “State of the Art Intrusion Detection: Technologies, Challenges, and Evaluation,” Master’s Thesis, Linköping University, Linköping, Sweden, 2005.
- 7. R. Gerhards, “The Syslog Protocol - RFC 5424,” Internet Engineering Task Force (IETF), Tech. Rep., March 2009.
- 8. H. G. C. Ferreira and R. T. de Sousa Junior, “Security analysis of a proposed internet of things middleware,” Cluster Computing, vol. 20, no. 1, pp. 651–660, Mar 2017.
- 9. A. Lazarevic, V. Kumar, and J. Srivastava, Intrusion Detection: A Survey. Boston, MA, USA: Springer US, 2005, pp. 19–78.
- 10. A. Patel, Q. Qassim, and C. Wills, “A survey of intrusion detection and prevention systems,” Information Management & Computer Security, vol. 18, no. 4, pp. 277–290, 2010.
- 11. H.-J. Liao, C.-H. R. Lin, Y.-C. Lin, and K.-Y. Tung, “Intrusion detection system: A comprehensive review,” Journal of Network and Computer Applications, vol. 36, no. 1, pp. 16 – 24, 2013.
- 12. G. G. Helmer, J. S. K. Wong, V. Honavar, and L. Miller, “Intelligent Agents for Intrusion Detection,” in 1998 IEEE Information Technology Conference, Information Environment for the Future (Cat. No.98EX228). Syracuse, NY, USA: IEEE, Sep. 1998, pp. 121–124.
- 13. “Cisco Port Security,” Cisco, Tech. Rep., 2018. [Online]. Available: https://www.cisco.com/c/en/us/td/docs/routers/7600/ios/15S/configuration/guide/7600_15_0s_book/port_sec.html
- 14. “DHCP Snooping,” Cisco, Tech. Rep., 2018. [Online]. Available: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ ios/12-2SX/configuration/guide/book/snoodhcp.html
- 15. Y. F. Jou, F. Gong, C. Sargor, X. Wu, S. F. Wu, H. C. Chang, and F. Wang, “Design and implementation of scalable IDS for the protection of Network infraestructure,” in Proceedings DARPA Information Survivability Conference and Exposition. DISCEX’00, vol. 2. Hilton Head, SC, USA: IEEE, Jan 2000, pp. 69–83 vol.2.
- 16. G. Prashanth, V. Prashanth, P. Jayashree, and N. Srinivasan, “Using Random Forests for Network-based Anomaly detection at Active routers,” in 2008 International Conference on Signal Processing, Communications and Networking, Chennai, India, Jan 2008, pp. 93–96.
- 17. S. R. Snapp, J. Brentano, G. V. Dias, T. L. Goan, L. T. Heberlein, C.-L. Ho, K. N. Levitt, B. Mukherjee, S. E. Smaha, T. Grance, D. M. Teal, and D. Mansur, “DIDS (Distributed Intrusion Detection System)-Motivation, Architecture, and An Early Prototype,” in Proceedings of the 14th National Computer Security Conference. Washington, DC, USA: NIST, 1991, pp. 167–176.
- 18. M. Silva, D. Lopes, and Z. Abdelouahab, “A Remote IDS Based on Multi-Agent Systems, Web Services and MDA,” in 2006 International Conference on Software Engineering Advances (ICSEA’06), Tahiti, Tahiti, Oct 2006, pp. 64–64.
- 19. B. V. Dutra, J. F. de Alencastro, F. L. de Caldas Filho, L. M. C. e Martins, R. T. de Sousa Júnior, and R. de O. Albuquerque, “HIDS by signature for embedded devices in IoT networks,” in Actas de las V Jornadas Nacionales de Investigación en Ciberseguridad (JNIC 2019). Cáceres, Spain: Universidad de Extremadura, Jun 2019, pp. 53–61.
Uwagi
1. Track 3: Network Systems and Applications
2. Technical Session: 3rd Workshop on Internet of Things - Enablers, Challenges and Applications
3. Opracowanie rekordu ze środków MNiSW, umowa Nr 461252 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2020).
Typ dokumentu
Bibliografia
Identyfikator YADDA
bwmeta1.element.baztech-53f9f2e4-48de-4b9a-bd11-0b9768a160f6