A security monitoring system for Internet of Things

物联网安全监控系统  

Internet of Things, In press, accepted manuscript, Available online 2 July 2019, Article 100080 

Valentina Casola, Alessandra De Benedictis, Antonio Riccio, Diego Rivera, Edgardo Montes de Oca 

摘要：The wide adoption of the Internet of Things (IoT) paradigm in several application domains has raised new security issues, which should be carefully taken into account to achieve a real benefit from the indisputable innovation potential of IoT. In fact, the heterogeneity of involved technologies, including the integration of different resource-constrained devices and networks, has led to the introduction of new threats affecting all architectural layers and urging for the design and enforcement of adequate security countermeasures, including effective monitoring capabilities. In this paper, we present a monitoring tool for IoT systems based on the extension of the Montimage network monitoring tools. The proposed solution, validated within the H2020 ANASTACIA project, proved to be well suited to monitor IoT-level networks thanks to the exploitation of protocol-specific plugins. 

A survey of Internet of Things communication using ICN: A use case perspective

基于ICN的物联网通信综述：应用实例剖析  

Computer Communications, Volumes 142–143, 15 June 2019, Pages 95-123 

Boubakr Nour, Kashif Sharif, Fan Li, Sujit Biswas, Yu Wang 

摘要：Internet of Things (IoT) has gained extensive attention from industry and academia alike in past decade. The connectivity of each and every piece of technology in the environment with Internet, has opened many avenues of research and development. Applications, algorithms, trust models, devices, all have evolved to accommodate the demands of user needs in the most optimal way possible. However, one thing still remains constant: host-centric communication. It is the most predominant way of communication in Internet today. With evolution of everything else, host based communication has been stretched to limits, and exploration of new models have been underway for sometime. Information Centric Networking (ICN) is a major contender for the future Internet architecture, where content is the basic element regardless of its location (host). It intends to offer in-network caching, inherent mobility, multicast support, and content based security as part of design and not add-on functionality. In recent years, numerous efforts have been made to integrate IoT with ICN as the communication model. In this paper, we provide a detailed and systematic review of IoT–ICN research. We investigate ICN as communication enabler for IoT domain specific use cases, and the use of ICN features for the benefit of IoT networks. These include IoT device & content naming, discovery, and caching. We also survey synchronization, interoperability, publish/subscribe communication, quality of service, security, and mobility of IoT devices with ICN perspectives. The paper also presents challenges and possible research directions for the benefit of community. 

Enforcing security in Internet of Things frameworks: A Systematic Literature Review

物联网架构的强制安全性：系统文献综述  

Internet of Things, Volume 6, June 2019, Article 100050 

Mohab Aly, Foutse Khomh, Mohamed Haoues, Alejandro Quintero, Soumaya Yacout 

摘要：With the rise of the Internet of Things (IoT) technology, the number of IoT devices/sensors has increased significantly. It is anticipated that large-scale sensor-based systems will prevail in our societies, calling for novel methodologies to design and operate those new systems. To support the computational demand of real-time delay-sensitive applications of largely distributed IoT devices/sensors, the Cloud is migrating to the edge of the network where resources such as routers, switches, and gateways are being virtualized. The open structural design of IoT architecture and the extensive usage of the paradigm itself cause to encounter conventional security issues for the existing networking technologies. Moreover, cooperation generates challenges as new security challenges can disrupt the systems’ regular functionalities and operations. Furthermore, the commercialization of the IoT has led to several public security concerns including threats of cyber-attacks, privacy issues, and organized crimes. In this paper, we aim to provide guidelines for researchers and practitioners interested in understanding IoT security issues. More specifically, an extensive description of security threats and challenges across the different layers of the architecture of IoT systems is presented. Also, the light will be shed on the solutions and countermeasures proposed in the literature to address such security issues. Finally, an emerging security challenge which has yet to be explained in-depth in previous studies is introduced. 

Cryptographic technologies and protocol standards for Internet of Things

物联网密码技术与协议标准  

Internet of Things, In press, corrected proof, Available online 28 June 2019, Article 100075 

Sherali Zeadally, Ashok Kumar Das, Nicolas Sklavos 

摘要：The Internet of Things (IoT) comprises physical/virtual networked objects that collect and exchange data with each other via the public Internet. As this exchange often takes place over public networks, many security attacks in an IoT environment are possible. First, we briefly review the security issues in the IoT environment. Next, we focus on recent cryptographic protocol standards that are in use or have been recommended for IoT devices to ensure secure communications. We also highlight the advantages and weaknesses of the several protocol standards for various IoT application scenarios including connected vehicles, health, smart home, and consumer appliances and devices. Finally, we discuss some challenges in the area of cryptographic protocol standards that still require to be addressed for IoT applications in the future. 

Malicious Web traffic detection for Internet of Things environments

物联网环境下的恶意网络流量检测  

Computers & Electrical Engineering, Volume 77, July 2019, Pages 260-272 

Binbin Yong, Xin Liu, Qingchen Yu, Liang Huang, Qingguo Zhou 

摘要：The Internet of Things (IoT) is gradually becoming an infrastructure, providing a wide range of applications, from health monitoring to industrial control and many other social domains. Unfortunately, for open connectivity, it is always built on Hypertext Transfer Protocol (HTTP), which inherently brings in new challenging security threats. Parameter injection, as a common and powerful attack, is often exploited by attackers to break into the HTTP servers of IoT by injecting malicious codes into the parameters of the HTTP requests. In this work we present a Hidden Markov Model (HMM) based detection system, which is designed as a novel bidirectory scoring architecture utilizing both benign and malicious Web traffic, to defend against parameter injection attacks in IoT systems. We evaluate the proposed system in terms of Web traffic data in real IoT environments. Results show improvements over baselines. 

Norm-based and commitment-driven agentification of the Internet of Things

基于规范与承诺驱动的物联网Agent化  

Internet of Things, Volume 6, June 2019, Article 100042 

Khouloud Boukadi, Noura Faci, Zakaria Maamar, Emir Ugljanin, Mohammed Al-Khafajiy 

摘要：There are no doubts that the Internet-of-Things (IoT) has conquered the ICT industry to the extent that many governments and organizations are already rolling out many anywhere,anytime online services that IoT sustains. However, like any emerging and disruptive technology, multiple obstacles are slowing down IoT practical adoption including the passive nature and privacy invasion of things. This paper examines how to empower things with necessary capabilities that would make them proactive and responsive. This means things can, for instance reach out to collaborative peers, (un)form dynamic communities when necessary, avoid malicious peers, and be “questioned” for their actions. To achieve such empowerment, this paper presents an approach for agentifying things using norms along with commitments that operationalize these norms. Both norms and commitments are specialized into social (i.e., application independent) and business (i.e., application dependent), respectively. Being proactive, things could violate commitments at run-time, which needs to be detected through monitoring. In this paper, thing agentification is illustrated with a case study about missing children and demonstrated with a testbed that uses different IoT-related technologies such as Eclipse Mosquitto broker and Message Queuing Telemetry Transport protocol. Some experiments conducted upon this testbed are also discussed.