IPS Architecture for IoT Networks Overlaid on SDN
Abstract
The programmability resulting from the Software Defined Networking (SDN) approach facilitates the integration of the functions of firewalls, intrusion prevention systems (IPS) and switches, allowing the network to be reconfigured quickly when anomalies are detected. In this paper, the proposed architecture aims to structure a distributed security measure that integrates firewall, IPS, switches and a controller entity to support Internet of Things (IoT) instances, allowing the IPS to identify anomalous behavior of IoT devices and then leading the SDN to block attacks as close as possible to their sources, reducing the volume of malicious traffic and isolating the infected device from the rest of the network.
Published
02/09/2019
How to Cite
GONÇALVES, Daniel; KFOURI, Guilherme; DUTRA, Bruno; DE ALENCASTRO, João; DE CALDAS FILHO, Francisco; MARTINS, Lucas; ALBUQUERQUE, Robson; DE SOUSA JR., Rafael. Arquitetura de IPS para redes IoT sobrepostas em SDN. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 19., 2019, São Paulo. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2019. p. 309-322. DOI: https://doi.org/10.5753/sbseg.2019.13980.