Proposal of Smart Segmentation Framework for preventing threats from spreading in IoT

Sohn, Sung Won; Kim, Jeong-Nyeo

doi:10.1109/ictc49870.2020.9289632

Cited by 3 publications

(5 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Novel approaches to network segmentation for IoT access control have been put forth in a number of research. In order to stop risks from spreading over the IoT networks, Lim [43] proposes a smart segmentation system that makes use of device features, network information, and service kinds. In order to minimize the attack surface, Vaere [44] presents Hopper, a security system that isolates each network host into a separate, access-controlled micro segment.…”

Section: Overview Of Iot Access Control Mechanismsmentioning

confidence: 99%

Authentication and Access Control Mechanisms to Secure IoT Environments: A comprehensive SLR

Almarri,

Frikha

2024

Preprint

View full text Add to dashboard Cite

Due to the rapid growth of the Internet of Things (IoT), securing communications between a huge number of devices has become very difficult. Access controls and authentication secure the connection between IoT devices and protect sensitive data from unauthorized users or malicious attackers. In this paper, we provide a comprehensive review to emphasize the critical role of authentication and access control in securing IoT environments. This paper explores different types of access controls, like Attribute-Based Access Control and Role-Based Access Control. Furthermore, it demonstrates different authentication techniques, like passwords and biometrics. Based on the previous mechanisms, we discuss different IoT security challenges regarding authentication and access control mechanisms and highlight future directions. In addition, this paper investigates the integration between access control and authentication to safeguard IoT communications.

show abstract

Section: Overview Of Iot Access Control Mechanismsmentioning

confidence: 99%

Authentication and Access Control Mechanisms to Secure IoT Environments: A comprehensive SLR

Almarri,

Frikha

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…For lower-capability IoT devices that may exist in a variety of home appliances, It is necessary to use other techniques which are faster and require a limited amount of processing power and memory. For instance, a lightweight security scheme is designed to limit network access using segment units set with various device features, network information, and service types [9]. The architecture's capacity to prevent the propagation of threats on the IoT network was validated by the suppression of botnet creation in the botnet creation experiment testbed using the Mirai virus.…”

Section: Related Workmentioning

confidence: 99%

A Framework to Protect Iot Devices from Enslavement in a Home Environment

Al‐Begain¹,

Khan²,

Alothman³

et al. 2022

Signal, Image Processing and Embedded Systems Trends

View full text Add to dashboard Cite

The Internet of Things (IoT) mainly consists of devices with limited processing capabilities and memory. Therefore, these devices could be easily infected with malicious code and can be used as botnets. In this regard, we propose a framework to detect and prevent botnet activities in an IoT network. We first describe the working mechanism of how an attacker infects an IoT device and then spreads the infection to the entire network. Secondly, we propose a set of mechanisms consisting of detection, identifying the abnormal traffic generated from IoT devices using filtering and screening mechanisms, and publishing the abnormal traffic patterns to the rest of the home routers on the network. Further, the proposed approach is lightweight and requires fewer computing capabilities for installation on home routers. In the future, we will test the proposed system on real hardware, and the results will be presented to identify the abnormal traffic generated by malicious IoT devices.

show abstract

“…Lim et al [13] proposed a smart segmentation framework with attention to the usage of the Domain Generation Algorithm (DGA) in the botnet malware. The smart segmentation framework detects the botnet malware by considering the behavior of querying domain names other than the reference, which is domain names with those of servers normally operated at IoT services, ones as botnet malware's behavior.…”

Section: Malware Detection Techniquesmentioning

confidence: 99%

“…This tool verifies the functionality and performance of network-based malware detection and threat prevention solutions that detects and blocks spreading threats within the IoT infrastructure. It is especially suitable for use in verifying the smart segmentation framework [13] among techniques to prevent malware propagation attacks. We consider that the malware attack is a kind of threats spreading in the network Therefore, the malware simulation tool is implemented based on Mirai malware, which informed the seriousness of IoT security and also was released its source code on the Internet.…”

Section: Malware Simulation Toolmentioning

confidence: 99%

“…We built same environment as the test bed built to demonstration of the smart segmentation framework [13] according to the purpose of implementing the malware simulation tool. The actual environment has cost and space restrictions compared to the virtual environment, making it difficult to build large environments, but virtual environment is advantageous in terms of flexibility and scalability.…”

Section: Experimental Environmentmentioning

confidence: 99%

See 1 more Smart Citation

A Malware Distribution Simulator for the Verification of Network Threat Prevention Tools

Hwang

Kim

2021

Sensors

View full text Add to dashboard Cite

With the expansion of the Internet of Things (IoT), security incidents about exploiting vulnerabilities in IoT devices have become prominent. However, due to the characteristics of IoT devices such as low power and low performance, it is difficult to apply existing security solutions to IoT devices. As a result, IoT devices have easily become targets for cyber attackers, and malware attacks on IoT devices are increasing every year. The most representative is the Mirai malware that caused distributed denial of service (DDoS) attacks by creating a massive IoT botnet. Moreover, Mirai malware has been released on the Internet, resulting in increasing variants and new malicious codes. One of the ways to mitigate distributed denial of service attacks is to render the creation of massive IoT botnets difficult by preventing the spread of malicious code. For IoT infrastructure security, security solutions are being studied to analyze network packets going in and out of IoT infrastructure to detect threats, and to prevent the spread of threats within IoT infrastructure by dynamically controlling network access to maliciously used IoT devices, network equipment, and IoT services. However, there is a great risk to apply unverified security solutions to real-world environments. In this paper, we propose a malware simulation tool that scans vulnerable IoT devices assigned a private IP address, and spreads malicious code within IoT infrastructure by injecting malicious code download command into vulnerable devices. The malware simulation tool proposed in this paper can be used to verify the functionality of network threat detection and prevention solutions.

show abstract

Proposal of Smart Segmentation Framework for preventing threats from spreading in IoT

Cited by 3 publications

References 4 publications

Authentication and Access Control Mechanisms to Secure IoT Environments: A comprehensive SLR

Authentication and Access Control Mechanisms to Secure IoT Environments: A comprehensive SLR

A Framework to Protect Iot Devices from Enslavement in a Home Environment

A Malware Distribution Simulator for the Verification of Network Threat Prevention Tools

Contact Info

Product

Resources

About