Implementation of an intelligent packet filter for Internet of Things devices
Abstract
Cybersecurity is crucial for digital transformation, as many computing assets are exposed on the network. In this context, attackers exploit vulnerabilities and proceed with privilege escalation to perform malicious actions. Despite this, there are few solutions to protect Internet of Things devices. This article therefore presents the T800 packet filter, which provides packet filtering with advanced algorithms at low resource consumption. The results show the efficiency of the T800 through implementation and experimentation on the ESP32 board with the ESP-IDF system. Furthermore, the T800 increased the device's computational capacity by excluding unsolicited malicious traffic from the processing pipeline.
