MAC-Layer Spoofing Detection and Prevention in IoT Systems

Madani, Pooria; Vlajic, Natalija; Sadeghpour, Shadi

doi:10.1145/3411498.3419968

Cited by 9 publications

(4 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…IoT uses the MAC address to authenticate wireless networks at the data link layer. Spoofing attacks occur when malicious entities imitate legitimate users' MAC addresses to gain network access illegally, affecting the data confidentiality and integrity of the environment [106]. Lack of data confidentiality means unauthorized/malicious actors may know the contents of data, whereas lack of integrity means the data may have been amended, altered, tampered or discarded.…”

Section: ) the Network Layermentioning

confidence: 99%

Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

Khatun,

Memon,

Eising

et al. 2023

IEEE Access

View full text Add to dashboard Cite

The Healthcare Internet-of-Things (H-IoT), commonly known as Digital Healthcare, is a datadriven infrastructure that highly relies on smart sensing devices (i.e., blood pressure monitors, temperature sensors, etc.) for faster response time, treatments, and diagnosis. However, with the evolving cyber threat landscape, IoT devices have become more vulnerable to the broader risk surface (e.g., risks associated with generative AI, 5G-IoT, etc.), which, if exploited, may lead to data breaches, unauthorized access, and lack of command and control and potential harm. This paper reviews the fundamentals of healthcare IoT, its privacy, and data security challenges associated with machine learning and H-IoT devices. The paper further emphasizes the importance of monitoring healthcare IoT layers such as perception, network, cloud, and application. Detecting and responding to anomalies involves various cyber-attacks and protocols such as Wi-Fi 6, Narrowband Internet of Things (NB-IoT), Bluetooth, ZigBee, LoRa, and 5G New Radio (5G NR). A robust authentication mechanism based on machine learning and deep learning techniques is required to protect and mitigate H-IoT devices from increasing cybersecurity vulnerabilities. Hence, in this review paper, security and privacy challenges and risk mitigation strategies for building resilience in H-IoT are explored and reported.

show abstract

Section: ) the Network Layermentioning

confidence: 99%

Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

Khatun,

Memon,

Eising

et al. 2023

IEEE Access

View full text Add to dashboard Cite

show abstract

“…MAC address is used on data link layer and considered as an authentication factor for wireless networks in IoT. In a spoofing attack, the malicious entity modifies the MAC address to some forged value that belongs to the valid user and obtains illegal benefits in the network [10]. To detect spoofing attacks, physical layer authentication is used through RSS.…”

Section: Of 16mentioning

confidence: 99%

Development of a Model for Spoofing Attacks in Internet of Things

et al. 2022

View full text Add to dashboard Cite

Internet of Things (IoT) allows the integration of the physical world with network devices for proper privacy and security in a healthcare system. IoT in a healthcare system is vulnerable to spoofing attacks that can easily represent themselves as a legal entity of the network. It is a passive attack and can access the Medium Access Control address of some valid users in the network to continue malicious activities. In this paper, an algorithm is proposed for detecting spoofing attacks in IoT using Received Signal Strength (RSS) and Number of Connected Neighbors (NCN). Firstly, the spoofing attack is detected, located and eliminated through Received Signal Strength (RSS) in an inter-cluster network. However, the RSS is not useful against intra-cluster spoofing attacks and therefore the NCN is introduced to detect, identify and eliminate the intra-cluster spoofing attack. The proposed model is implemented in Network Simulator 2 (NS-2) to compare the performance of the proposed algorithm in the presence and absence of spoofing attacks. The result is that the proposed model increases the detection and prevention of spoofing.

show abstract

“…However, there are serious security issues with Wi-Fi networks. Attackers can obtain the identity information of a valid device through wireless sniffing and then use this information to disguise themselves as legitimate devices [2,3]. Attackers can steal confidential data or attack the internal websites after getting authorization [4,5], or they can control other devices by sending spurious instructions [6].…”

Section: Introductionmentioning

confidence: 99%

“…In recent years, attempts have been made to use wireless channel characteristics for device authentication. One approach is to extract fine-grained fingerprints that can identify the device from the CSI and use fingerprint matching to authenticate the device [3,[13][14][15][16]. CSI refers to the channel frequency response (CFR) of a wireless multipath channel, including the amplitude attenuation and phase shift of the channel.…”

Section: Introductionmentioning

confidence: 99%

Enhancing Packet‐Level Wi‐Fi Device Authentication Protocol Leveraging Channel State Information

Song

Chen

et al. 2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Wi-Fi device authentication is crucial for defending against impersonation attacks and information forgery attacks. Most of the existing authentication technologies rely on complex cryptographic algorithms. However, they cannot be supported well on the devices with limited hardware resources. A fine-grained device authentication technology based on channel state information (CSI) provides a noncryptographic method, which uses the CSI fingerprints for authentication since CSI can uniquely identify the devices. But long-term authentication based on CSI fingerprints is a challenging work. First, the CSI fingerprints are environment-sensitive, which means that the local authenticator should be updated to adapt to the changing channel state. Second, the local authenticator trained with old CSI fingerprints is outdated when users reconnect to the network after being offline for a long time, thus, it needs to be retrained in the access phase with new fingerprints. To tackle these challenges, we propose a CSI-based enhancing Wi-Fi device authentication protocol and an authentication framework. The protocol helps to collect new CSI fingerprints for authenticator’s training in access phase and performs the fingerprints’ dispersion analysis for authentication. In the association phase, it provides packet-level authentication and updates the authenticator with valid CSI fingerprints. The authenticator consists of an ensemble of small-scale autoencoders, which has high enough time efficiency for packet-level authentication and authenticator’s update. Experiments show that the accuracy of the framework is up to 98.7%, and the authenticator updating method can help the framework maintains high accuracy.

show abstract

MAC-Layer Spoofing Detection and Prevention in IoT Systems

Cited by 9 publications

References 12 publications

Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation

Development of a Model for Spoofing Attacks in Internet of Things

Enhancing Packet‐Level Wi‐Fi Device Authentication Protocol Leveraging Channel State Information

Contact Info

Product

Resources

About