Mitigating and Analysis of Memory Usage Attack in IoE System
- URL: http://arxiv.org/abs/2404.19480v2
- Date: Tue, 15 Oct 2024 07:48:37 GMT
- Title: Mitigating and Analysis of Memory Usage Attack in IoE System
- Authors: Zainab Alwaisi, Simone Soderi, Rocco De Nicola,
- Abstract summary: Internet of Everything (IoE) is a newly emerging trend, especially in homes.
Memory corruption vulnerabilities constitute a significant class of vulnerabilities in software security.
This paper aims to analyze and explain the resource usage attack and create a low-cost simulation environment.
- Score: 1.515687944002438
- License:
- Abstract: Internet of Everything (IoE) is a newly emerging trend, especially in homes. Marketing forces toward smart homes are also accelerating the spread of IoE devices in households. An obvious risk of the rapid adoption of these smart devices is that many lack controls for protecting the privacy and security of end users from attacks designed to disrupt lives and incur financial losses. Today the smart home is a system for managing the basic life support processes of both small systems, e.g., commercial, office premises, apartments, cottages, and largely automated complexes, e.g., commercial and industrial complexes. One of the critical tasks to be solved by the concept of a modern smart home is the problem of preventing the usage of IoE resources. Recently, there has been a rapid increase in attacks on consumer IoE devices. Memory corruption vulnerabilities constitute a significant class of vulnerabilities in software security through which attackers can gain control of an entire system. Numerous memory corruption vulnerabilities have been found in IoE firmware already deployed in the consumer market. This paper aims to analyze and explain the resource usage attack and create a low-cost simulation environment to aid in the dynamic analysis of the attack. Further, we perform controlled resource usage attacks while measuring resource consumption on resource-constrained victims' IoE devices, such as CPU and memory utilization. We also build a lightweight algorithm to detect memory usage attacks in the IoE environment. The result shows high efficiency in detecting and mitigating memory usage attacks by detecting when the intruder starts and stops the attack.
Related papers
- How Memory-Safe is IoT? Assessing the Impact of Memory-Protection Solutions for Securing Wireless Gateways [0.0]
Memory-based vulnerabilities are among the most serious threats in software, with no universal solution yet available.
This paper explores the impact of memory safety on the IoT domain through an empirical large-scale analysis of memory-related vulnerabilities in modern wireless gateways.
arXiv Detail & Related papers (2024-11-02T23:00:37Z) - Detection of Energy Consumption Cyber Attacks on Smart Devices [1.515687944002438]
This paper presents a lightweight technique for detecting energy consumption attacks on smart home devices by analyzing received packets.
It accounts for resource constraints and promptly alerts administrators upon detecting an attack.
arXiv Detail & Related papers (2024-04-30T10:29:25Z) - SunBlock: Cloudless Protection for IoT Systems [7.267200149618047]
Many existing IoT protection solutions are cloud-based, sometimes ineffective, and might share consumer data with unknown third parties.
This paper investigates the potential for effective IoT threat detection locally, on a home router, using AI tools combined with classic rule-based traffic-filtering algorithms.
Our results show that with a slight rise of router hardware resources, a typical home router instrumented with our solution is able to effectively detect risks and protect a typical home IoT network.
arXiv Detail & Related papers (2024-01-25T17:30:08Z) - Is Your Kettle Smarter Than a Hacker? A Scalable Tool for Assessing Replay Attack Vulnerabilities on Consumer IoT Devices [1.5612101323427952]
ENISA and NIST security guidelines emphasize the importance of enabling default local communication for safety and reliability.
We propose a tool, named REPLIOT, able to test whether a replay attack is successful or not, without prior knowledge of the target devices.
We find that 75% of the remaining devices are vulnerable to replay attacks with REPLIOT having a detection accuracy of 0.98-1.
arXiv Detail & Related papers (2024-01-22T18:24:41Z) - Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS)
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z) - Classification of cyber attacks on IoT and ubiquitous computing devices [49.1574468325115]
This paper provides a classification of IoT malware.
Major targets and used exploits for attacks are identified and referred to the specific malware.
The majority of current IoT attacks continue to be of comparably low effort and level of sophistication and could be mitigated by existing technical measures.
arXiv Detail & Related papers (2023-12-01T16:10:43Z) - HoneyIoT: Adaptive High-Interaction Honeypot for IoT Devices Through
Reinforcement Learning [10.186372780116631]
We develop an adaptive high-interaction honeypot for IoT devices, called HoneyIoT.
We first build a real device based attack trace collection system to learn how attackers interact with IoT devices.
We then model the attack behavior through markov decision process and leverage reinforcement learning techniques to learn the best responses to engage attackers.
arXiv Detail & Related papers (2023-05-10T19:43:20Z) - EEG-Based Brain-Computer Interfaces Are Vulnerable to Backdoor Attacks [68.01125081367428]
Recent studies have shown that machine learning algorithms are vulnerable to adversarial attacks.
This article proposes to use narrow period pulse for poisoning attack of EEG-based BCIs, which is implementable in practice and has never been considered before.
arXiv Detail & Related papers (2020-10-30T20:49:42Z) - Smart Home, security concerns of IoT [91.3755431537592]
The IoT (Internet of Things) has become widely popular in the domestic environments.
People are renewing their homes into smart homes; however, the privacy concerns of owning many Internet connected devices with always-on environmental sensors remain insufficiently addressed.
Default and weak passwords, cheap materials and hardware, and unencrypted communication are identified as the principal threats and vulnerabilities of IoT devices.
arXiv Detail & Related papers (2020-07-06T10:36:11Z) - Lightweight Collaborative Anomaly Detection for the IoT using Blockchain [40.52854197326305]
Internet of things (IoT) devices tend to have many vulnerabilities which can be exploited by an attacker.
Unsupervised techniques, such as anomaly detection, can be used to secure these devices in a plug-and-protect manner.
We present a distributed IoT simulation platform, which consists of 48 Raspberry Pis.
arXiv Detail & Related papers (2020-06-18T14:50:08Z) - IoT Device Identification Using Deep Learning [43.0717346071013]
The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers.
The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization's network also increases the risk of attacks.
In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network.
arXiv Detail & Related papers (2020-02-25T12:24:49Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.