A Sybil-attack-resistant association control for secure IoT content dissemination
Abstract
The Internet of Things (IoT) will comprise a diversity of heterogeneous embedded objects that collect and disseminate content for different application purposes. Secure dissemination in the IoT is therefore essential, since it is subject to a range of malicious actions, such as identity impersonation by Sybil attacks that seek to violate the confidentiality of the disseminated content. However, existing Sybil attack detection techniques disregard the use of stolen identities and of heterogeneous devices, and are generally costly. This work presents an association control mechanism for the IoT, called SA2CI, that prevents Sybil attackers from accessing the content dissemination service. SA2CI employs elliptic curve cryptography (ECC), which provides key distribution and the creation of a secure channel at low cost, applies unclonable functions (PUF) to prove the identity of devices, and uses identity receipts to guarantee the legitimacy of devices. An evaluation carried out in NS3 shows the effectiveness of SA2CI in controlling associations in the face of Sybil attacks.
Published
07/11/2016
How to Cite
EVANGELISTA, Danilo; SILVA, Eduardo da; NOGUEIRA, Michele; SANTOS, Aldri. Um controle de associações resistente a ataques Sybil para a disseminação segura de conteúdo da IoT. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 16., 2016, Niterói. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2016. p. 16-29. DOI: https://doi.org/10.5753/sbseg.2016.19295.