iDeFEND: Intrusion Detection Framework for Encrypted Network Data

Kılıç, Fatih; Eckert, Claudia

doi:10.1007/978-3-319-26823-1_8

Cited by 5 publications

(3 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The existing privacy protection policies for today’s IoT include encryption , anonymization and obfuscation techniques, which are mainly for single services. However, new privacy preservation techniques in these interdependent services (e.g., searchable encryption, usage control, end-to-end encryption [39] with homomorphic encryption) by design principle for objects, devices, users, subsystems, and services are required. Critical real-time operation : The IoT of the future should be flexible and adaptable to sudden changes of the status and conditions of the infrastructures. This is due in order to have fast response to critical situations such as the increasing frequency of natural disasters due to the global climate change [40].…”

Section: Challenges and Open Issuesmentioning

confidence: 99%

Section: Challenges and Open Issuesmentioning

confidence: 99%

See 1 more Smart Citation

Embracing the Future Internet of Things

Cirillo

Solmaz³

et al. 2019

Sensors

View full text Add to dashboard Cite

All of the objects in the real world are envisioned to be connected and/or represented, through an infrastructure layer, in the virtual world of the Internet, becoming Things with status information. Services are then using the available data from this Internet-of-Things (IoT) for various social and economical benefits which explain its extreme broad usage in very heterogeneous fields. Domain administrations of diverse areas of application developed and deployed their own IoT systems and services following disparate standards and architecture approaches that created a fragmentation of things, infrastructures and services in vertical IoT silos. Coordination and cooperation among IoT systems are the keys to build “smarter” IoT services boosting the benefits magnitude. This article analyses the technical trends of the future IoT world based on the current limitations of the IoT systems and the capability requirements. We propose a hyper-connected IoT framework in which “things” are connected to multiple interdependent services and describe how this framework enables the development of future applications. Moreover, we discuss the major limitations in today’s IoT and highlight the required capabilities in the future. We illustrate this global vision with the help of two concrete instances of the hyper-connected IoT in smart cities and autonomous driving scenarios. Finally, we analyse the trends in the number of connected “things” and point out open issues and future challenges. The proposed hyper-connected IoT framework is meant to scale the benefits of IoT from local to global.

show abstract

Section: Challenges and Open Issuesmentioning

confidence: 99%

Section: Challenges and Open Issuesmentioning

confidence: 99%

Embracing the Future Internet of Things

Cirillo

Solmaz³

et al. 2019

Sensors

View full text Add to dashboard Cite

show abstract

“…Taleb et al [ 45 , 46 ] propose solutions based on per-packet inspection of the header information in order to identify misuses in encrypted protocols. On the other hand, iDeFEND [ 47 ] is a framework for inspecting encrypted network data without breaking the security model of end-to-end encryption. Goh et al [ 48 , 49 ] propose mirroring the traffic to a central IDS, able to decrypt the traffic and perform deep packet inspection, while ProtoMon [ 50 ] is based on detection of protocol misuse.…”

Section: Related Workmentioning

confidence: 99%

Acceleration of Intrusion Detection in Encrypted Network Traffic Using Heterogeneous Hardware

Papadogiannaki

Ioannidis

2021

Sensors

View full text Add to dashboard Cite

More than 75% of Internet traffic is now encrypted, and this percentage is constantly increasing. The majority of communications are secured using common encryption protocols such as SSL/TLS and IPsec to ensure security and protect the privacy of Internet users. However, encryption can be exploited to hide malicious activities, camouflaged into normal network traffic. Traditionally, network traffic inspection is based on techniques like deep packet inspection (DPI). Common applications for DPI include but are not limited to firewalls, intrusion detection and prevention systems, L7 filtering, and packet forwarding. With the widespread adoption of network encryption though, DPI tools that rely on packet payload content are becoming less effective, demanding the development of more sophisticated techniques in order to adapt to current network encryption trends. In this work, we present HeaderHunter, a fast signature-based intrusion detection system even for encrypted network traffic. We generate signatures using only network packet metadata extracted from packet headers. In addition, we examine the processing acceleration of the intrusion detection engine using different heterogeneous hardware architectures.

show abstract