Um Ambiente de Experimentação em Cibersegurança para Internet das Coisas
Resumo
A grande escala da Internet das Coisas exige estruturas complexas capazes de suportar cenários experimentais com escala suficiente para avaliar eficientemente soluções de cibersegurança contra ataques DDoS baseados em botnets. Este trabalho descreve uma arquitetura para o MENTORED Testbed, um ambiente de experimentação criado sobre a Infraestrutura Definida por Software da Rede Nacional de Ensino e Pesquisa (IDS-RNP). O testbed cria experimentos com redes de longa distância, tecnologias de nuvem e com dispositivos sem fio inseridos nos servidores do IDS-RNP. O comportamento do testbed foi analisado por meio de um caso de uso que reproduz automaticamente capturas de rede em um cenário realístico para avaliar propostas de detecção de botnets.
Palavras-chave:
Testbed, Internet das Coisas, Cibersegurança
Referências
A10-Networks (2020). Attack shows it is imperative for a ddos zero-trust approach and continued diligence. https://www.a10networks.com/blog/aws-hit-by-largest-reported-ddos-attack-of-2-3-tbps/. Último Acesso: Março de 2021.
Adjih, C., Baccelli, E., Fleury, E., Harter, G., Mitton, N., Noel, T., Pissard-Gibollet, R., SaintMarcel, F., Schreiner, G., Vandaele, J., and Watteyne, T. (2015). FIT IoT-LAB: A Large Scale Open Experimental IoT Testbed. In IEEE World Forum on Internet of Things, Milan, Italy
Arora, A., Ertin, E., Ramnath, R., Nesterenko, M., and Leal, W. (2006). Kansei: a high-fidelity sensing testbed. IEEE Internet Computing, 10(2):35–47.
BBC (2020). Amazon ’thwarts largest ever ddos cyber-attack’. https://www.bbc.com/news/technology-53093611. Último Acesso: Fevereiro de 2021.
Benzel, T. (2011). The science of cyber security experimentation: The deter project. In Proceedings of the 27th Annual Computer Security Applications Conference, ACSAC ’11, page 137–148, New York, NY, USA. Association for Computing Machinery
Garcia, S., Grill, M., Stiborek, J., and Zunino, A. (2014). An empirical comparison of botnet detection methods. computers & security, 45:100–123.
Gunduz, M. Z. and Das, R. (2018). A comparison of cyber-security oriented testbeds for iot-based smart grids. In International Symposium on Digital Forensic and Security, pages 1–6.
Gyrard, A. and Serrano, M. (2015). Fiesta-iot: Federated interoperable semantic internet of things (iot) testbeds and applications. In ICT.
Kolias, C., Kambourakis, G., Stavrou, A., and Voas, J. (2017). Ddos in the iot: Mirai and other botnets. Computer, 50(7):80–84.
Kumar, A. and Lim, T. J. (2018). A secure contained testbed for analyzing iot botnets. In International Conference on Testbeds and Research Infrastructures, pages 124–137. Springer.
Kumar, A. and Lim, T. J. (2019). A secure contained testbed for analyzing iot botnets. In Gao, H., Yin, Y., Yang, X., and Miao, H., editors, Testbeds and Research Infrastructures for the Development of Networks and Communities, pages 124–137, Cham. Springer International Publishing
Muchtar, F., Abdullah, A. H., Abd Latiff, M. S., Hassan, S., Abd Wahab, M. H., and AbdulSalaam, G. (2018). A technical review of manet testbed using mobile robot technology. In Journal of Physics: Conference Series, volume 1049, page 012001. IOP Publishing.
Siboni, S., Sachidananda, V., Meidan, Y., Bohadana, M., Mathov, Y., Bhairav, S., Shabtai, A., and Elovici, Y. (2019). Security testbed for internet-of-things devices. IEEE Transactions on Reliability, 68(1):23–44.
Vishwakarma, R. and Jain, A. K. (2020). A survey of ddos attacking techniques and defence mechanisms in the iot network. Telecommunication systems, 73(1):3–25.
Wired (2018). Github survived the biggest ddos attack ever recorded. https://www.wired.com/story/github-ddos-memcached/. Último Acesso: Março de 2021.
Adjih, C., Baccelli, E., Fleury, E., Harter, G., Mitton, N., Noel, T., Pissard-Gibollet, R., SaintMarcel, F., Schreiner, G., Vandaele, J., and Watteyne, T. (2015). FIT IoT-LAB: A Large Scale Open Experimental IoT Testbed. In IEEE World Forum on Internet of Things, Milan, Italy
Arora, A., Ertin, E., Ramnath, R., Nesterenko, M., and Leal, W. (2006). Kansei: a high-fidelity sensing testbed. IEEE Internet Computing, 10(2):35–47.
BBC (2020). Amazon ’thwarts largest ever ddos cyber-attack’. https://www.bbc.com/news/technology-53093611. Último Acesso: Fevereiro de 2021.
Benzel, T. (2011). The science of cyber security experimentation: The deter project. In Proceedings of the 27th Annual Computer Security Applications Conference, ACSAC ’11, page 137–148, New York, NY, USA. Association for Computing Machinery
Garcia, S., Grill, M., Stiborek, J., and Zunino, A. (2014). An empirical comparison of botnet detection methods. computers & security, 45:100–123.
Gunduz, M. Z. and Das, R. (2018). A comparison of cyber-security oriented testbeds for iot-based smart grids. In International Symposium on Digital Forensic and Security, pages 1–6.
Gyrard, A. and Serrano, M. (2015). Fiesta-iot: Federated interoperable semantic internet of things (iot) testbeds and applications. In ICT.
Kolias, C., Kambourakis, G., Stavrou, A., and Voas, J. (2017). Ddos in the iot: Mirai and other botnets. Computer, 50(7):80–84.
Kumar, A. and Lim, T. J. (2018). A secure contained testbed for analyzing iot botnets. In International Conference on Testbeds and Research Infrastructures, pages 124–137. Springer.
Kumar, A. and Lim, T. J. (2019). A secure contained testbed for analyzing iot botnets. In Gao, H., Yin, Y., Yang, X., and Miao, H., editors, Testbeds and Research Infrastructures for the Development of Networks and Communities, pages 124–137, Cham. Springer International Publishing
Muchtar, F., Abdullah, A. H., Abd Latiff, M. S., Hassan, S., Abd Wahab, M. H., and AbdulSalaam, G. (2018). A technical review of manet testbed using mobile robot technology. In Journal of Physics: Conference Series, volume 1049, page 012001. IOP Publishing.
Siboni, S., Sachidananda, V., Meidan, Y., Bohadana, M., Mathov, Y., Bhairav, S., Shabtai, A., and Elovici, Y. (2019). Security testbed for internet-of-things devices. IEEE Transactions on Reliability, 68(1):23–44.
Vishwakarma, R. and Jain, A. K. (2020). A survey of ddos attacking techniques and defence mechanisms in the iot network. Telecommunication systems, 73(1):3–25.
Wired (2018). Github survived the biggest ddos attack ever recorded. https://www.wired.com/story/github-ddos-memcached/. Último Acesso: Março de 2021.
Publicado
18/07/2021
Como Citar
PRATES JR., Nelson G.; ANDRADE, Allex Magno; MELLO, Emerson Ribeiro de; WANGHAM, Michelle Silva; NOGUEIRA, Michele.
Um Ambiente de Experimentação em Cibersegurança para Internet das Coisas. In: WORKSHOP DO TESTBED FIBRE (WFIBRE), 6. , 2021, Evento Online.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2021
.
p. 68-79.
ISSN 2595-6078.
DOI: https://doi.org/10.5753/fibre.2021.15771.