Securing Communications in Internet of Things (IoT) Environments

Establishing the connectivity and delivering information for self-configuring wireless nodes in resource-constrained Internet of Things (IoT) environments is prone to security holes.

IoT has been recently extensively investigated through the introduction of various innovative network infrastructure designs such as mobile ad hoc networks (MANET), delay-tolerant networks (DTN) and information-centric networks (ICN).

Although a couple of proposals have been proposed for securing these infrastructure designs, dealing with potential attacks against neighbor discovery and localization such as wormhole attacks is an issue which has received considerable attentions recently. Secure neighbor discovery (SND) and secure localization play a critical role in location-based services which is a primary in IoT environments.

Another security issue in IoT is to detect malicious or selfish nodes and reduce unnecessary traffic on the network as well as to end devices.

The main idea is to protect spam in the "content" level rather than the "communication level", which ICN provides a great opportunity:

Spam might incur great workload in IoT environments. Large amount of spam wastes already precious network bandwidth, affects the existing timely communication, and might also cause denial of service (DOS) in the network. Even the network in which neighbors are authenticated cannot avoid spam with high accuracy and low false positive. The Email system is one of the examples. People still receive huge amount of spam when every mail server is authenticated by the DNS. We believe that spam can only be solved in the content level rather than communication level.

In this part of the work, we are going to find a way to protect spam in IoT with the help from ICN. ICN might provide a new way to solve the long-standing spam problem. In ICN, data are forwarded according to the Content Name or Content Descriptor. In order to disseminate the spam to the victims, spammers usually need to give spam a Content Name or a series of Content Descriptors, which partially reveals the content of the spam. But such information can also help the network identify the redundancy of the information disseminated (one key feature of spam is high redundancy). That gives us a possible way to monitor the amount of original information in a series of data sent to the network and try to identify spam at the “content” level.

Therefore, one key requirement of this environment is the ability to ensure that neighborhood discovery is securely performed and the wormholes can be prevented. Another key requirement is the ability to control spam and ensure that suitable denial-of-service capabilities are also built into the IoT architecture from the very beginning.

With the help of the simulation center, we can study the behavior of spammers and get the statistical information about how a spam is disseminated throughout the IoT network. Using the results, we can then fine tune metrics and threshold of the spam classifier. The verification of the spam protector can also be partially done in the simulation environment. The overhead and the benefit for different spam protectors can also be studied and compared to further optimize our spam protector.

Involved Scientists

Publication list

2014

M. Arumaithurai, J. Chen, E. Monticelli, X. Fu and K. K. Ramakrishnan. Exploiting ICN for Flexible Management of Software-Defined Networks, in Proc. of 1st ACM Conference on Information-Centric Networking (ICN 2014), Paris, France (won the Best Paper Award), September 2014.
Q. Li, X. Zhang, Q. Zheng, R. Sandhu and X. Fu. LIVE: Lightweight Integrity Verification and Content Access Control for Named Data Networking, IEEE Transactions on Information Forensics and Security, IEEE 10.2: 308-320, October 2014.
L. Jiao, J. Li, T. Xu,W. Du and X. Fu. Optimizing Cost for Online Social Networks on Geo-Distributed Clouds, IEEE/ACM Transactions on Networking 99, September 2014.
W. Du, Y. Liao, N. Tao, P. Geurts, X. Fu and G. Leduc. Rating Network Paths for Locality-Aware Overlay Construction and Routing, IEEE/ACM Transactions on Networking, July 2014.
S. Hartung, S. Taheri and D. Hogrefe. Sensor-Assisted Monte Carlo Localization for Wireless Sensor Networks, in 6th IEEE International Conference on Cyber Technology (CYBER), Hong Kong, HK, June 2014.
D. Koll, J. Li and X. Fu. SOUP: An Online Social Network By The People, For The People, in Proc. of 15th Annual ACM/IFIP/USENIX Middleware Conference (Middleware 2014), Bordeaux, France, December 2014.

2013

S. Hartung, H. Brosenne and D. Hogrefe. Practical RSSI Long Distance Measurement Evaluation in Wireless Sensor Networks, in The 2013 IEEE Conference on Wireless Sensors (ICWiSe 2013), Kuching, Malaysia, December 2013.
S. Taheri and D. Hogrefe. Robust and Scalable Secure Neighbor Discovery for Wireless Ad Hoc Networks, in The 2013 IEEE International Conference on Communications (ICC 2013), Budapest, Hungary, June 2013.

Name	Purpose	Lifetime	Type	Provider
_pk_id	Used to store a few details about the user such as the unique visitor ID.	13 months	HTML	Matomo
_pk_ref	Used to store the attribution information, the referrer initially used to visit the website.	6 months	HTML	Matomo
_pk_ses	Short lived cookie used to temporarily store data for the visit.	30 minutes	HTML	Matomo
_pk_cvar	Short lived cookie used to temporarily store data for the visit.	30 minutes	HTML	Matomo
_pk_hsr	Short lived cookie used to temporarily store data for the visit.	30 minutes	HTML	Matomo