Security of the Internet of Things

Similar documents
F5 Network Security for IoT

Internet of Things (IoT)

ITU-T Y.4552/Y.2078 (02/2016) Application support models of the Internet of things

Architecture of Industrial IoT

IERC Standardization Challenges. Standards for an Internet of Things. 3 and 4 July 2014, ETSI HQ (Sophia Antipolis)

Security Challenges in the Internet of Things. Dr. Sigrid Schefer-Wenzl

Internet of things (IoT) Regulatory aspects. Trilok Dabeesing, ICT Authority 28 June 2017

How to Categorize Risk in IoT

A Vision of IoT: Applications, Challenges, and Opportunities With China Perspective

Introduction to the Internet of Things

IoT and the Implications for Security Inside and Outside the Enterprise. Richard Boyer CISO & Chief Architect, Security

Internet of Things (IoT) Vikram Raval GSMA

Internet of Things: Networking Infrastructure for C.P.S. Wei Zhao University of Macau December 2012

ITU-T Y Functional framework and capabilities of the Internet of things

Building Your DLP Strategy & Process. Whitepaper

Internet of Things: A Comprehensive Analysis and Security Implementation through Elliptic Curve Cryptography

Synchronization Issues During Encoder / Decoder Tests

New Technologies: 4G/LTE, IOTs & OTTS WORKSHOP

Internet of Things: Cross-cutting Integration Platforms Across Sectors

A Bird s Eye View on Internet of Things

Emerging IoT Technologies for Smart Cities

IoT Strategy Roadmap

T : Internet Technologies for Mobile Computing

PROTOTYPE OF IOT ENABLED SMART FACTORY. HaeKyung Lee and Taioun Kim. Received September 2015; accepted November 2015

Dr. Tanja Rückert EVP Digital Assets and IoT, SAP SE. MSB Conference Oct 11, 2016 Frankfurt. International Electrotechnical Commission

Securing IoT in the Enterprise

Enduring the IoT storm to unlock new paths to value. How a governance model protects you from a blizzard of IoT risk

IoT Evidence Acquisition Issues and Challenges

Smart Cities A sua cidade está preparada para um ataque cibernético? Prof. Dr. Fabiano Hessel

IoT Challenges & Testing aspects. Alon Linetzki, Founder & CEO QualityWize

SPECIALIST TASK FORCE 505 IOT STANDARDS LANDSCAPING & IOT LSP GAP ANALYSIS

Introduction to the platforms of services for the Internet of Things Revision : 536

THE NEXT GENERATION OF CITY MANAGEMENT INNOVATE TODAY TO MEET THE NEEDS OF TOMORROW

Home Monitoring System Using RP Device

Colour Reproduction Performance of JPEG and JPEG2000 Codecs

Social Network Structure Influences Disease Transmission

THE MPI INTERNET OF THINGS STUDY SPONSORED BY BDO

The comparison of actual system with expected system is done with the help of control mechanism. False True

Amon: Advanced Mesh-Like Optical NoC

Distortion Analysis Of Tamil Language Characters Recognition

Prime Minister's Advisory Council on Cyber Security - Industry Working Group on IoT

The Development of a Synthetic Colour Test Image for Subjective and Objective Quality Assessment of Digital Codecs

Internet of Things (IoT): The Big Picture

Chapter 2. Analysis of ICT Industrial Trends in the IoT Era. Part 1

Spectrum Management Aspects Enabling IoT Implementation

INTERNET OF THINGS THE GSMA GUIDE TO THE R A G E C A P A B I L C O V E I T Y T Y U R I E C R S B E C Y. gsma.com/iot

ENGINEERING COMMITTEE Energy Management Subcommittee SCTE STANDARD SCTE

FORMAL METHODS INTRODUCTION

Using Scan Side Channel to Detect IP Theft

data and is used in digital networks and storage devices. CRC s are easy to implement in binary

Building a Semantic Ontology for Internet of Things (IoT) Systems

Data flow architecture for high-speed optical processors

ITU-T Y Reference architecture for Internet of things network capability exposure

The Internet-of-Things For Biodiversity

The Internet of You: The Ethical, Privacy, and Legal Implications of Connected Devices. Beverly Kracher, Ph.D. Business Ethics Alliance

JTC 1/SC 41. François Coallier, PhD, Eng. Chair, ISO/IEC JTC 1/SC41 ITU-T RFG, ITU-T RFG

Recomm I n t e r n a t i o n a l T e l e c o m m u n i c a t i o n U n i o n

Bezirk. Things plus Cloud does not equal IoT. Saturn 2016, San Diego. IoT that tastes better. IoT by default

Introduction. Packet Loss Recovery for Streaming Video. Introduction (2) Outline. Problem Description. Model (Outline)

IoT trends in the Americas and considerations on the importance of National IoT plans

Connected Industry and Enterprise Role of AI, IoT and Geospatial Technology. Vijay Kumar, CTO ESRI India

UPDATE ON IOT LANDSCAPING

IEEE Santa Clara ComSoc/CAS Weekend Workshop Event-based analog sensing

Knowledge Representation

IoT Technical foundation and use cases Anders P. Mynster, Senior Consultant High Tech summit DTU FORCE Technology at a glance

Is Architecture Beautiful? Nikos A. Salingaros University of Texas at San Antonio May 2016

BIG SYNTHETIC DATA WITH MUSKETEER

Networks of Things. J. Voas Computer Scientist. National Institute of Standards and Technology

The Art of Low-Cost IoT Solutions

Internet of Things Conceptual Frameworks and Architecture

Internet of Things. Decoding the IoT Ecosystem. Jad El Cham October 2017 RIPE75 Tutorial

LED driver architectures determine SSL Flicker,

Avoiding False Pass or False Fail

Technology & Security Officers Collide: The Future of Security in an Internet of Things

Introduction to the ITU-T Global Standards Initiative on IoT with focus on SG13 activities

Guidance For Scrambling Data Signals For EMC Compliance

Winrar for windows 7 32 bit with crack

How to overcome/avoid High Frequency Effects on Debug Interfaces Trace Port Design Guidelines

Cryptagram. Photo Privacy for Online Social Media Matt Tierney, Ian Spiro Christoph Bregler, Lakshmi Subramanian

Informatique Fondamentale IMA S8

Ex Libris Rosetta Privacy Impact Assessment

Collection management policy

BNCE TV07: Power Impacts of Quick Start Standby Functionality in Televisions

Predicting the immediate future with Recurrent Neural Networks: Pre-training and Applications

Compressed-Sensing-Enabled Video Streaming for Wireless Multimedia Sensor Networks Abstract:

Do you have a mature IoT solution? Join us with the Open Call. Alicia Cano - Medtronic.

IOT The internet of things by Christopher LaForge

CHAPTER 8 CONCLUSION AND FUTURE SCOPE

ADVANCED MICRO DEVICES, 2 CADENCE DESIGN SYSTEMS

Arc Detector for Remote Detection of Dangerous Arcs on the DC Side of PV Plants

Bodily Cartographies. Pathologising the body and the city. By Blanca Pujals

PLTW Engineering Digital Electronics Course Outline

Conceptions and Context as a Fundament for the Representation of Knowledge Artifacts

INTEGRATED CIRCUITS. AN219 A metastability primer Nov 15

Digital Electronics Course Outline

Machina Research. INDUSTRY DAY - Welcome. Emil Berthelsen, Principal Analyst Crowne Plaza Hotel, Belgrade, Serbia June 1, 2016

Design of Fault Coverage Test Pattern Generator Using LFSR

Jin-Fu Li Advanced Reliable Systems (ARES) Laboratory. National Central University

Designing for the Internet of Things with Cadence PSpice A/D Technology

Ex Libris. Aleph Privacy Impact Assessment

Transcription:

Danish Internet Day Security of the Internet of Things Mitigating infections spread through immunisation techniques Farell FOLLY, Ph.D Researcher folly.farell@unibw.de Copenhague, October 1st.!1

Agenda 1. Introduction to the IoT 2. Security Challenges in IoT 3. State of the Art of the IoT Security 4. Immunisation Techniques and our Approach!2

Introduction The Internet of Things (IoT) is a network of dedicated physical objects (things) that contain embedded technology to communicate and sense or interact with their internal states or the external environment. - Gartner!3

Introduction 1. Physical World People, Devices 2. Virtual World Applications, Digital Artefacts 3. Processes Actuation, sensing, etc.!4

Introduction UML representation of IoT Domain Model Source: «Enable Things to talk», Designing IoT solutions with the IoT Architectural Reference Model, Alexandro Bassi et al, Springer Edition, ISBN : 978-3-642-40403-0!5

Security Challenges Number of devices High diversity of things Variety and number of Applications Speed of change Hard to plan for a systematic Approach for Security!6

Security Challenges Unpredictable attacks Cybercriminals keep improving their techniques Zero-Day attacks Propagation of vulnerabilities towards billions of devices!7

Security Challenges Tradit ionally Packet Inspection Blocking Traffic based on flags, Signatures Security built around static schemes IoT Context Almost infeasible in this context (Big Data) Not adaptive / too much human intervention IoT networks are highly dynamic!8

Security Challenges 1. 70% of the most commonly used IoT devices contain vulnerabilities. 2. 56% of respondents say that it is unlikely or highly unlikely that their organisation would be able to detect a sophisticated attack. 3. 253 billions of free Apps (2017). Malicious apps (malware): the increase in the number of apps on the device increases the likelihood that some may contain malicious code or security holes Source: EY insights!9

State-of-the-Art!10

State-of-the-Art No universal framework or common approach for IoT security Most devices are not primarily designed with security and interoperability in mind Many manufacturers mostly rely on existing traditional security measures!11

State-of-the-Art So far, no security approach tackles all security aspects associated with the IoT Many projects do exist, however; that address some specific concerns: 1. NEBULA: www.nebula-fia.org 2. utrustit: www.utrustit.eu 3. IoT-A: www.iot-a.eu Many authors considered the use of the Graph Theory to cope with the size of IoT networks and their dynamics!12

State-of-the-Art Auto-immunity Security and Identification. Trust deterministic, policy-based, reputation-based, social net work-based!13

State-of-the-Art Cognitive approach (Context-Awareness) 1. Enable devices and network with the intelligence to perceive things 2. Adaptive actions based on continuous learning in a hostile environment Tetrahedron model in the IoT context Source: A roadmap for the Security in the Internet of Things, Arbia et al (2018).!14

Our Approach!15

Our Approach Since we can never produce a 100% secure general system or network, we need methods to mitigate the spread of damage. - Mathematical underpinnings for Science-based Cybersecurity. United States Department of Energy.!16

Our Approach 1. Minimise exposure factor 2. Control how threats spread 3. Design an efficient patch or vaccines distribution mechanism Immunisation!17

Our Approach NoN model with three layers Source : Towards a Networks-of-Networks Framework for Cyber Security, Mahantesh Halappanavar et al.!18

Our Approach Is the system in danger? Risk increases Vulnerability reaches a threshold An infection is spreading This node is having too many links!!! This cluster is having too many members, is it possible to disconnect some or move them to another cluster? What action to take? Minimise Risk Maximise Entropy Reduce exposure factor Trigger updates / recovery processes towards specific targets The most exposed (boundary nodes, important links, giant clusters, inside dominant set, etc.) Use graph theory analysis to find the most suitable metrics and influence them accurately : Immunisation algorithms!19

Our Approach Graph Theory IoT Security Immunization!20

Our Approach Type of graph Graph Structure Graph-based Security metrics Clustering Centrality Betweenness Reachability Percolation etc. Graph-based IoT Representation Graph Theory IoT Security Immunization!21

Our Approach Type of graph Graph Structure Graph-based Security metrics Clustering Centrality Betweenness Reachability Percolation etc. Graph-based IoT Representation Graph Theory IoT Security Infection propagation and containment Immunization Infection propagation Infection containment Analogy of Human Immune system Immune system learning : Detect (trust rating, classify as fraudulent or legal, semantic analysis) Activate virtual Antibodies to heal the rest or to efficiently stop the propagation.!22

Our Approach Epidemic process : Susceptible-Infected-Recovered 1. How fast does an infection spread 2. What is the threat strategy? 3. What is the IoT network topology? 4. How resistant are the nodes/clusters? Infectiousness Resistance Topology Strategy!23

Our Approach Graph challenges : clustering, groupings, and simplification Apps Devices interconnection Devices Original graph topology Forming cliques Final compressed graph!24

Summary In parallel with the increasing autonomy of things to perceive and act on the environment, IoT security should move towards a greater autonomy in perceiving threats and reacting to attacks, based on a cognitive and systemic approach - Arbia et al.!25

Use cases discussions 1. A trusted device connects to a car and has been granted permission to launch a service, What are the requirements of such an equipment? 2. How does a human decide to collaborate with a random person? Picture credit to @Gartner!26

Akpé kaka! folly.farell@unibw.de www.twitter.com/ ff www.linkedin.com/in/farellf!27

2024 © artsdocbox.com Privacy Policy | Terms of Service | Feedback