IoT Gateway Integrity Checking Protocol
Abstract
Internet of Things (IoT) gateways, which are connected to the Internet and to IoT devices and run conventional operating systems and communication protocols, are valuable targets for malicious attackers. Once taken over, a compromised gateway can alter, drop or insert data while it bridges information from the IoT devices to the applications running on the Cloud. In this work we present the Gateway Integrity Checking Protocol (GIP), which uses a gossip protocol to collect data from subsets of IoT devices to answer a challenge sent by an External Security Agent (ESA). The response is used to verify whether data is arriving untampered at the Cloud. The communication between the ESA and the nodes is secured by keys that are not accessible to the gateway. We evaluate the time and energy overhead caused by hash calculation at the devices. The impact of the proposed solution on the energy consumption and lifetime of the network is also evaluated through simulations.