Implementação de um filtro de pacotes inteligente para dispositivos de Internet das Coisas
Resumo
A Segurança Cibernética é uma questão crucial a medida que muitos ativos computacionais ficam expostos na rede. Nesse contexto, os atacantes exploram vulnerabilidades e escalam privilégios para executar ações maliciosas. Essa exposição exige soluções para proteção de dispositivos de Internet das Coisas. Assim, este artigo apresenta o filtro de pacotes T800 capaz de proporcionar baixo consumo computacional e filtragem de pacotes com algoritmos avançados. Os resultados evidenciam a eficiência do T800 por meio de implementação e experimentação através da placa ESP32 e do sistema ESPIDF. Mais ainda, T800 foi capaz de aumentar a capacidade computacional do dispositivo tendo em vista que o tráfego malicioso é excluído do processamento.
Referências
Al-Sarawi, S., Anbar, M., Abdullah, R., and Al Hawari, A. B. (2020). Internet of things market analysis forecasts, 2020–2030. In 2020 Fourth World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4), pages 449–453.
Ben Achballah, A., Ben Othman, S., and Ben Saoud, S. (2018). Fw ip: A flexible and lightweight hardware firewall for noc-based systems. In 2018 International Conference on Advanced Systems and Electric Technologies (IC ASET), pages 261–265.
Bertino, E. and Islam, N. (2017). Botnets and internet of things security. Computer, 50(2):76–79.
Bertoli, G. D. C., Júnior, L. A. P., Saotome, O., Dos Santos, A. L., Verri, F. A. N., Marcondes, C. A. C., Barbieri, S., Rodrigues, M. S., and De Oliveira, J. M. P. (2021). An end-to-end framework for machine learning-based network intrusion detection system. IEEE Access, 9:106790–106805.
Chacos, B. (2016). Major ddos attack on dyn dns knocks spotify, twitter, github, paypal, and more offline. [link]. Publicado em 21/10/2016; acessado em 28/02/2022.
Dunkels, A. (2001). Design and implementation of the lwip tcp/ip stack. Swedish Institute of Computer Science, 2(77).
Filus, K., Dománska, J., and Gelenbe, E. (2021). Random neural network for lightweight attack detection in the iot. In Calzarossa, M. C., Gelenbe, E., Grochla, K., Lent, R., and Czachórski, T., editors, Modelling, Analysis, and Simulation of Computer and Telecommunication Systems, pages 79–91, Cham. Springer International Publishing.
Fontugne, R., Borgnat, P., Abry, P., and Fukuda, K. (2010). Mawilab: combining diverse anomaly detectors for automated anomaly labeling and performance benchmarking. In Proceedings of the 6th International COnference, pages 1–12.
Glatz, E. and Dimitropoulos, X. (2012). Classifying internet one-way traffic. In Proceedings of the 2012 Internet Measurement Conference, IMC’12.
Gupta, N., Naik, V., and Sengupta, S. (2017). A firewall for internet of things. In 2017 9th International Conference on Communication Systems and Networks (COMSNETS).
Idzikowski, F., Chiaraviglio, L., Liu, W., and van de Beek, J. (2018). Future internet architectures and sustainability: An overview. In 2018 IEEE International Conference on Environmental Engineering (EE), pages 1–5.
Jan, S. U., Ahmed, S., Shakhov, V., and Koo, I. (2019). Toward a lightweight intrusion detection system for the internet of things. IEEE Access, 7:42450–42471.
Klint, C. (2021). These are the top risks for business in the post-covid world. [link]. Publicado em 19/01/2021; acessado em 28/02/2022.
Lee, Y. and Lee, Y. (2012). Toward scalable internet traffic measurement and analysis with hadoop. SIGCOMM Comput. Commun. Rev., 43(1):5–13.
Lobo, S. (2019). Understanding the cost of a cybersecurity attack: The losses organizations face. [link]. Publicado em 31/03/2019; acessado em 28/02/2022.
McLennan, M. (2021). The global risks report 2021 16th edition. https://www.weforum.org/reports/the-global-risks-report-2021.
McMillen, D. (2021). Internet of threats: Iot botnets drive surge in network attacks. [link]. Publicado em 22/04/2021; acessado em 28/02/2022.
Niedermaier, M., Striegel, M., Sauer, F., Merli, D., and Sigl, G. (2019). Efficient intrusion detection on low-performance industrial iot edge node devices.
Soe, Y. N., Feng, Y., Santosa, P. I., Hartanto, R., and Sakurai, K. (2020). Implementing lightweight iot-ids on raspberry pi using correlation-based feature selection and its performance evaluation. In Barolli, L., Takizawa, M., Xhafa, F., and Enokido, T., editors, Advanced Information Networking and Applications, Cham. Springer Intl. Publish.
Viegas, E., Santin, A. O., and Abreu Jr, V. (2021). Machine learning intrusion detection in big data era: A multi-objective approach for longer model lifespans. IEEE Transactions on Network Science and Engineering, 8(1):366–376.
Yadav, T. and Rao, A. M. (2015). Technical aspects of cyber kill chain. In Abawajy, J. H., Mukherjea, S., Thampi, S. M., and Ruiz-Martínez, A., editors, Security in Computing and Communications, pages 438–452, Cham. Springer International Publishing.
Ben Achballah, A., Ben Othman, S., and Ben Saoud, S. (2018). Fw ip: A flexible and lightweight hardware firewall for noc-based systems. In 2018 International Conference on Advanced Systems and Electric Technologies (IC ASET), pages 261–265.
Bertino, E. and Islam, N. (2017). Botnets and internet of things security. Computer, 50(2):76–79.
Bertoli, G. D. C., Júnior, L. A. P., Saotome, O., Dos Santos, A. L., Verri, F. A. N., Marcondes, C. A. C., Barbieri, S., Rodrigues, M. S., and De Oliveira, J. M. P. (2021). An end-to-end framework for machine learning-based network intrusion detection system. IEEE Access, 9:106790–106805.
Chacos, B. (2016). Major ddos attack on dyn dns knocks spotify, twitter, github, paypal, and more offline. [link]. Publicado em 21/10/2016; acessado em 28/02/2022.
Dunkels, A. (2001). Design and implementation of the lwip tcp/ip stack. Swedish Institute of Computer Science, 2(77).
Filus, K., Dománska, J., and Gelenbe, E. (2021). Random neural network for lightweight attack detection in the iot. In Calzarossa, M. C., Gelenbe, E., Grochla, K., Lent, R., and Czachórski, T., editors, Modelling, Analysis, and Simulation of Computer and Telecommunication Systems, pages 79–91, Cham. Springer International Publishing.
Fontugne, R., Borgnat, P., Abry, P., and Fukuda, K. (2010). Mawilab: combining diverse anomaly detectors for automated anomaly labeling and performance benchmarking. In Proceedings of the 6th International COnference, pages 1–12.
Glatz, E. and Dimitropoulos, X. (2012). Classifying internet one-way traffic. In Proceedings of the 2012 Internet Measurement Conference, IMC’12.
Gupta, N., Naik, V., and Sengupta, S. (2017). A firewall for internet of things. In 2017 9th International Conference on Communication Systems and Networks (COMSNETS).
Idzikowski, F., Chiaraviglio, L., Liu, W., and van de Beek, J. (2018). Future internet architectures and sustainability: An overview. In 2018 IEEE International Conference on Environmental Engineering (EE), pages 1–5.
Jan, S. U., Ahmed, S., Shakhov, V., and Koo, I. (2019). Toward a lightweight intrusion detection system for the internet of things. IEEE Access, 7:42450–42471.
Klint, C. (2021). These are the top risks for business in the post-covid world. [link]. Publicado em 19/01/2021; acessado em 28/02/2022.
Lee, Y. and Lee, Y. (2012). Toward scalable internet traffic measurement and analysis with hadoop. SIGCOMM Comput. Commun. Rev., 43(1):5–13.
Lobo, S. (2019). Understanding the cost of a cybersecurity attack: The losses organizations face. [link]. Publicado em 31/03/2019; acessado em 28/02/2022.
McLennan, M. (2021). The global risks report 2021 16th edition. https://www.weforum.org/reports/the-global-risks-report-2021.
McMillen, D. (2021). Internet of threats: Iot botnets drive surge in network attacks. [link]. Publicado em 22/04/2021; acessado em 28/02/2022.
Niedermaier, M., Striegel, M., Sauer, F., Merli, D., and Sigl, G. (2019). Efficient intrusion detection on low-performance industrial iot edge node devices.
Soe, Y. N., Feng, Y., Santosa, P. I., Hartanto, R., and Sakurai, K. (2020). Implementing lightweight iot-ids on raspberry pi using correlation-based feature selection and its performance evaluation. In Barolli, L., Takizawa, M., Xhafa, F., and Enokido, T., editors, Advanced Information Networking and Applications, Cham. Springer Intl. Publish.
Viegas, E., Santin, A. O., and Abreu Jr, V. (2021). Machine learning intrusion detection in big data era: A multi-objective approach for longer model lifespans. IEEE Transactions on Network Science and Engineering, 8(1):366–376.
Yadav, T. and Rao, A. M. (2015). Technical aspects of cyber kill chain. In Abawajy, J. H., Mukherjea, S., Thampi, S. M., and Ruiz-Martínez, A., editors, Security in Computing and Communications, pages 438–452, Cham. Springer International Publishing.
Publicado
23/05/2022
Como Citar
FERNANDES, Gabriel Victor C.; MONICI, Pedro H. Borges; GUIBO, César H. de Araujo; BERTOLI, Gustavo de Carvalho; SANTOS, Aldri; PEREIRA JR., Lourenço Alves.
Implementação de um filtro de pacotes inteligente para dispositivos de Internet das Coisas. In: SIMPÓSIO BRASILEIRO DE REDES DE COMPUTADORES E SISTEMAS DISTRIBUÍDOS (SBRC), 40. , 2022, Fortaleza.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2022
.
p. 238-251.
ISSN 2177-9384.
DOI: https://doi.org/10.5753/sbrc.2022.222301.
