Design and implementation of intelligent packet filtering in IoT
microcontroller-based devices
- URL: http://arxiv.org/abs/2305.19214v1
- Date: Tue, 30 May 2023 17:03:36 GMT
- Title: Design and implementation of intelligent packet filtering in IoT
microcontroller-based devices
- Authors: Gustavo de Carvalho Bertoli, Gabriel Victor C. Fernandes, Pedro H.
Borges Monici, C\'esar H. de Araujo Guibo, Louren\c{c}o Alves Pereira Jr.,
Aldri Santos
- Abstract summary: Internet of Things (IoT) devices are increasingly pervasive and essential components in enabling new applications and services.
Ensuring robust cybersecurity measures is essential to protect IoT devices from malicious attacks.
We introduce T800, a low-resource packet filter that utilizes machine learning (ML) algorithms to classify packets in IoT devices.
- Score: 1.4500636542366327
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Internet of Things (IoT) devices are increasingly pervasive and essential
components in enabling new applications and services. However, their widespread
use also exposes them to exploitable vulnerabilities and flaws that can lead to
significant losses. In this context, ensuring robust cybersecurity measures is
essential to protect IoT devices from malicious attacks. However, the current
solutions that provide flexible policy specifications and higher security
levels for IoT devices are scarce. To address this gap, we introduce T800, a
low-resource packet filter that utilizes machine learning (ML) algorithms to
classify packets in IoT devices. We present a detailed performance benchmarking
framework and demonstrate T800's effectiveness on the ESP32 system-on-chip
microcontroller and ESP-IDF framework. Our evaluation shows that T800 is an
efficient solution that increases device computational capacity by excluding
unsolicited malicious traffic from the processing pipeline. Additionally, T800
is adaptable to different systems and provides a well-documented performance
evaluation strategy for security ML-based mechanisms on ESP32-based IoT
systems. Our research contributes to improving the cybersecurity of
resource-constrained IoT devices and provides a scalable, efficient solution
that can be used to enhance the security of IoT systems.
Related papers
- Enhancing IoT Security: A Novel Feature Engineering Approach for ML-Based Intrusion Detection Systems [1.749521391198341]
The integration of Internet of Things (IoT) applications in our daily lives has led to a surge in data traffic, posing significant security challenges.
This paper focuses on improving the effectiveness of ML-based IDS at the edge level by introducing a novel method to find a balanced trade-off between cost and accuracy.
arXiv Detail & Related papers (2024-04-29T21:26:18Z) - Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS)
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z) - Classification of cyber attacks on IoT and ubiquitous computing devices [49.1574468325115]
This paper provides a classification of IoT malware.
Major targets and used exploits for attacks are identified and referred to the specific malware.
The majority of current IoT attacks continue to be of comparably low effort and level of sophistication and could be mitigated by existing technical measures.
arXiv Detail & Related papers (2023-12-01T16:10:43Z) - IoTScent: Enhancing Forensic Capabilities in Internet of Things Gateways [45.44831696628473]
This paper presents IoTScent, an open-source forensic tool that enables IoT gateways and Home Automation platforms to perform IoT traffic capture and analysis.
IoTScent is specifically designed to operate over IEEE5.4-based traffic, which is the basis for many IoT-specific protocols such as Zigbee, 6LoWPAN and Thread.
This work provides a comprehensive description of the IoTScent tool, including a practical use case that demonstrates the use of the tool to perform device identification from Zigbee traffic.
arXiv Detail & Related papers (2023-10-05T09:10:05Z) - IoT Device Identification Based on Network Communication Analysis Using
Deep Learning [43.0717346071013]
The risk of attacks on an organization's network has increased due to the growing use of less secure IoT devices.
To tackle this threat and protect their networks, organizations generally implement security policies in which only white listed IoT devices are allowed on the network.
In this research, deep learning is applied to network communication for the automated identification of IoT devices permitted on the network.
arXiv Detail & Related papers (2023-03-02T13:44:58Z) - Network Intrusion Detection System in a Light Bulb [0.0]
Internet of Things (IoT) devices are progressively being utilised in a variety of edge applications to monitor and control home and industry infrastructure.
Despite a large number of proposed Network Intrusion Detection Systems (NIDSs), there is limited research into practical IoT implementations.
This research aims to address this gap by pushing the boundaries on low-power Machine Learning (ML) based NIDSs.
arXiv Detail & Related papers (2022-10-06T23:36:04Z) - Is this IoT Device Likely to be Secure? Risk Score Prediction for IoT
Devices Using Gradient Boosting Machines [11.177584118932572]
Security risk assessment and prediction are critical for organisations deploying Internet of Things (IoT) devices.
This paper proposes a novel risk prediction for IoT devices based on publicly available information about them.
arXiv Detail & Related papers (2021-11-23T13:41:29Z) - Safe RAN control: A Symbolic Reinforcement Learning Approach [62.997667081978825]
We present a Symbolic Reinforcement Learning (SRL) based architecture for safety control of Radio Access Network (RAN) applications.
We provide a purely automated procedure in which a user can specify high-level logical safety specifications for a given cellular network topology.
We introduce a user interface (UI) developed to help a user set intent specifications to the system, and inspect the difference in agent proposed actions.
arXiv Detail & Related papers (2021-06-03T16:45:40Z) - GRAVITAS: Graphical Reticulated Attack Vectors for Internet-of-Things
Aggregate Security [5.918387680589584]
Internet-of-Things (IoT) and cyber-physical systems (CPSs) may consist of thousands of devices connected in a complex network topology.
We describe a comprehensive risk management system, called GRAVITAS, for IoT/CPS that can identify undiscovered attack vectors.
arXiv Detail & Related papers (2021-05-31T19:35:23Z) - Adversarial Machine Learning based Partial-model Attack in IoT [21.674533290169464]
We propose an adversarial machine learning based partial-model attack in the data fusion/aggregation process of IoT.
Our results show that the machine learning engine of IoT system is highly vulnerable to attacks even when the adversary manipulates a small portion of IoT devices.
arXiv Detail & Related papers (2020-06-25T03:04:26Z) - IoT Device Identification Using Deep Learning [43.0717346071013]
The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers.
The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization's network also increases the risk of attacks.
In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network.
arXiv Detail & Related papers (2020-02-25T12:24:49Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.