“A Host-based Intrusion Detection and Mitigation Framework for Smart Home IoT using OpenFlow” Article Summary
Technology has brought many changes, among them the way devices are connected over the internet, which gave rise to the Internet of Things (IoT). According to Nobakht et al. (2016), the IoT can be used in many applications, especially automation, education, and building smart homes and smart cities. Nobakht et al. (2016) believe that in the home the IoT should help control and manage smart appliances, both within the home and in scenarios outside it. Nobakht et al. (2016) believe that although these advancements make lives easier, they are susceptible to attacks and therefore carry security and privacy risks. In the words of Nobakht et al. (2016), technically savvy individuals might take advantage of this situation and create situations that could threaten the lives of individuals and their possessions. The most familiar example is that anyone on the internet can access baby monitors. Nobakht et al. (2016) say that different parameters contribute to the difficulty of defending the IoT from intrusion, and suggest that intrusions may arise from insufficient authentication and authorization, insecure software, and lack of encryption.
Building IoT and related devices is becoming easy and more of a norm, yet security is not taken seriously, as most devices are not secure from threats such as intrusion. According to the study by Nobakht et al. (2016), many vulnerabilities arise in these devices, and the majority of them are directly related to intrusion. Nobakht et al. (2016) further note that regardless of how secure a system is, it can be open to these vulnerabilities if it is not managed in the right way; handling and managing these IoT devices is therefore the first step towards an almost 100% zero-intrusion system. In the words of Nobakht et al. (2016), analyzing home networks and the associated infrastructure for signs of potential threats and security risks, as well as for points that could lead to intrusion, is also an important step in defending the systems against intrusion. Once such systems are analyzed and threats that could lead to intrusion are detected, it is necessary to consider effective defense mechanisms that can stop an adversary from intruding on people's privacy or on the infrastructure itself (Nobakht et al., 2016). Nobakht et al. (2016) observe that redesigning devices and embedding security agents in them would be of great benefit if done in the right way and with the future in mind. Since several efforts narrow down to risk analysis of the IoT and how to defend such systems from intrusion, it is important to understand what such approaches would mean to the end consumer. Data has been collected from experiments, and in this regard Nobakht et al. (2016) believe that a 6LoWPAN would work very well in securing the networks of most IoT systems, especially those facing network-layer and routing attacks.
The audience, in this case, is the system developers who design most of these systems; proposed intrusion detection systems must work for most home-based IoT, because that is where the greatest vulnerability lies (Nobakht et al., 2016). Based on previous research, SDN can be used to manage network issues for campuses and businesses, and thus, with enough modifications, the same can be used for home-based IoT systems.
“ProFiOt: Abnormal Behavior Profiling (ABP) of IoT devices based on a machine learning approach” Article Summary
The paper by Lee et al. (2017) seeks to build an Abnormal Behaviour Profiling (ABP) of IoT devices, with the aim of supplementing other studies on intrusion detection for IoT devices. According to Lee et al. (2017), most machine learning algorithms are designed so that they can be improved and strengthened to overcome challenges; among those challenges, defending the Internet of Things against intrusion is important because it concerns the security of information. Creating a strong system that can detect vulnerabilities in the present and the future is a great step, and Lee et al. (2017) believe that this will be possible through ABP. As Lee et al. (2017) see it, intrusion is itself abnormal, since it is not what the IoT is designed for, and it must be dealt with as it arises in order to defend the IoT from such cases of intrusion. The focus of the paper is to understand how IoT sensors communicate and send sensed data, and how this can be used to create systems that are not only of value but can also detect and deter intrusion in home, business and school systems (Lee et al., 2017). In the words of Lee et al. (2017), data sensed by the IoT can be used maliciously, and this has to be prevented at all costs. These kinds of threats can affect the accuracy with which machine learning algorithms such as k-Means and the support vector machine (SVM) detect abnormal behavior.
The study conducted by Lee et al. (2017) used qualitative data, as most of the tests and system examinations were done in real time. Qualitative data reviewed from other sources has also been used to make the research stronger, but this does not make up a large share of the data. Lee et al. (2017) suggest that the two algorithms used in this study, k-Means and SVM, were used to detect one sensed data modification from one entry point, and this revealed that k-Means was the more accurate at 92%, with SVM at 69.5%. The results are proof that intrusion of IoT is still at high levels and a lot needs to be done. To strengthen this further, Lee et al. (2017) suggest that it will be important to improve the detection accuracy of abnormal behavior in IoT systems in a bid to improve ABP. The paper focuses on system analysts and how they can use the ideas proposed to create IoT systems that are capable of overcoming intrusion attacks from outsiders.
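An added illustration of the profiling idea summarized above, not code from Lee et al. (2017): k-Means learns a profile of normal sensed data, and a reading far from every learned centroid is flagged as a possible modification. The sensor readings, the `margin` threshold rule and all function names are assumptions made for this example.

```python
import math

# Constructed (temperature C, humidity %) readings from one sensor: a night and a day regime.
NORMAL = [(17.8, 56.0), (18.1, 55.0), (18.0, 54.5), (18.3, 55.5), (17.9, 54.0),
          (24.1, 40.5), (23.8, 41.0), (24.0, 39.5), (24.3, 40.0), (23.9, 39.0)]

def nearest_distance(point, centroids):
    """Distance from a reading to the closest learned centroid."""
    return min(math.dist(point, c) for c in centroids)

def kmeans(points, k, iters=50):
    """Lloyd's algorithm with a deterministic start (evenly spaced sorted points)."""
    ordered = sorted(points)
    centroids = [ordered[(2 * i + 1) * len(ordered) // (2 * k)] for i in range(k)]
    for _ in range(iters):
        clusters = [[] for _ in range(k)]
        for p in points:
            idx = min(range(k), key=lambda i: math.dist(p, centroids[i]))
            clusters[idx].append(p)
        # New centroid = per-axis mean of its members; an empty cluster keeps its old one.
        updated = [tuple(sum(axis) / len(c) for axis in zip(*c)) if c else centroids[i]
                   for i, c in enumerate(clusters)]
        if updated == centroids:
            break
        centroids = updated
    return centroids

def build_profile(normal, k=2, margin=1.5):
    """Learn centroids, then allow `margin` times the worst distance seen in training."""
    centroids = kmeans(normal, k)
    radius = max(nearest_distance(p, centroids) for p in normal)
    return centroids, radius * margin

def is_abnormal(reading, profile):
    """True when the reading lies outside the threshold of every learned cluster."""
    centroids, threshold = profile
    return nearest_distance(reading, centroids) > threshold

if __name__ == "__main__":
    profile = build_profile(NORMAL)
    for reading in [(18.2, 55.2), (24.0, 55.0), (35.0, 40.0)]:
        print(reading, "abnormal" if is_abnormal(reading, profile) else "normal")
```

The reading (24.0, 55.0) combines a temperature and a humidity that each occur in the normal data; only the combination is abnormal. A modified value that stays inside a learned cluster is not flagged by this kind of profile.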
“Dynamic attack mitigation using SDN” Article Summary
According to Bhunia & Gurusamy (2017), internet security threats are becoming more sophisticated day by day because of the ever-increasing types, numbers and means of attack. The paper argues that in cases of large-scale attacks on most network systems, the networks are unable to respond to and mitigate these attacks. Failing to deal with them leads to losses and disruptions across the entire IoT, and this creates a discontinuity in many ways.
According to Bhunia & Gurusamy (2017), this paper aims to help stakeholders understand how they can mitigate and address attacks, especially from the perspective of the Internet Service Provider (ISP). In this regard, ISPs should adapt their network systems so that they can help to mitigate the attacks or reduce them by a huge margin. According to Bhunia & Gurusamy (2017), Software Defined Networking (SDN) can be used in many instances to provide mitigation services to customers who use the IoT. Simulation studies are carried out to evaluate the solutions and to understand what impact they will have on defending the IoT against intrusion attacks in the present day and the future (Bhunia & Gurusamy, 2017). Providing multiple mitigation services is as important as developing robust systems that can defend themselves against attacks, but the latter can be bypassed at times. Bhunia & Gurusamy (2017) further state that preventing these attacks is not as easy as it looks on paper, as the attacks continue to evolve daily.
According to surveys cited by Bhunia & Gurusamy (2017), there was a 140% increase in attacks in quarter 4 of 2016 as compared to the same period in 2015. Several ideas have been proposed to ensure that IoT systems are defended from intrusion attacks. Bhunia & Gurusamy (2017) suggest that the first important measure is blocking, especially when the information about the attack traffic is precise and does not overlap with legitimate traffic. Customers can turn to the ISP and request that it block the specific traffic. Another important measure is rate limiting, which essentially means limiting the rate of the suspicious activity and traffic (Bhunia & Gurusamy, 2017). To achieve the results of the study, quantitative methods were used, with data collected from different customers and Internet Service Providers, especially on the challenges they face when dealing with IoT systems and intrusion. Overall, in a fixed topology consisting of 34 nodes and 56 links connecting the different nodes, it is easy to generate legitimate traffic with an exponential distribution of two units, and this is proof that any traffic beyond 2 units is not legitimate and could mean an intrusion (Bhunia & Gurusamy, 2017).
References
Nobakht, M., Sivaraman, V., & Boreli, R. (2016, August). Host-Based intrusion detection and mitigation framework for smart home IoT using OpenFlow. In 2016 11th International conference on availability, reliability, and security (ARES) (pp. 147-156). IEEE.
Bhunia, S. S., & Gurusamy, M. (2017, November). Dynamic attack detection and mitigation in IoT using SDN. In 2017 27th International Telecommunication Networks and Applications Conference (ITNAC) (pp. 1-6). IEEE.
Lee, S. Y., Wi, S. R., Seo, E., Jung, J. K., & Chung, T. M. (2017, November). ProFiOt: Abnormal Behavior Profiling (ABP) of IoT devices based on a machine learning approach. In 2017 27th International Telecommunication Networks and Applications Conference (ITNAC) (pp. 1-6). IEEE.