Quarantining Malicious IoT Devices in Intelligent Sliced Mobile Networks
2403.19731
0
0
🖼️
Abstract
The unstoppable adoption of the Internet of Things (IoT) is driven by the deployment of new services that require continuous capture of information from huge populations of sensors, or actuating over a myriad of smart objects. Accordingly, next generation networks are being designed to support such massive numbers of devices and connections. For example, the 3rd Generation Partnership Project (3GPP) is designing the different 5G releases specifically with IoT in mind. Nevertheless, from a security perspective this scenario is a potential nightmare: the attack surface becomes wider and many IoT nodes do not have enough resources to support advanced security protocols. In fact, security is rarely a priority in their design. Thus, including network-level mechanisms for preventing attacks from malware-infected IoT devices is mandatory to avert further damage. In this paper, we propose a novel Software-Defined Networking (SDN)-based architecture to identify suspicious nodes in 4G or 5G networks and redirect their traffic to a secondary network slice where traffic is analyzed in depth before allowing it reaching its destination. The architecture can be easily integrated in any existing deployment due to its interoperability. By following this approach, we can detect potential threats at an early stage and limit the damage by Distributed Denial of Service (DDoS) attacks originated in IoT devices.
Create account to get full access
The rapid growth of the Internet of Things (IoT) is enabling new services that require continuous data collection from large numbers of sensors and control over numerous smart objects. Next-generation networks, such as 5G, are being designed to support these massive numbers of devices and connections. However, this scenario poses significant security challenges due to the expanded attack surface and the limited resources of many IoT devices, which often prioritize other factors over security.
To address these concerns, the paper proposes a novel Software-Defined Networking (SDN)-based architecture that identifies suspicious nodes in 4G or 5G networks and redirects their traffic to a secondary network slice for in-depth analysis before allowing it to reach its destination. This approach enables early detection of potential threats and limits the damage caused by Distributed Denial of Service (DDoS) attacks originating from IoT devices. The proposed architecture is designed to be easily integrated into existing deployments, ensuring interoperability with current systems.
This summary was produced with help from an AI and may contain inaccuracies - check out the links to read the original source documents!
Related Papers
🤿
A Cutting-Edge Deep Learning Method For Enhancing IoT Security
Nadia Ansar, Mohammad Sadique Ansari, Mohammad Sharique, Aamina Khatoon, Md Abdul Malik, Md Munir Siddiqui
0
0
There have been significant issues given the IoT, with heterogeneity of billions of devices and with a large amount of data. This paper proposed an innovative design of the Internet of Things (IoT) Environment Intrusion Detection System (or IDS) using Deep Learning-integrated Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) networks. Our model, based on the CICIDS2017 dataset, achieved an accuracy of 99.52% in classifying network traffic as either benign or malicious. The real-time processing capability, scalability, and low false alarm rate in our model surpass some traditional IDS approaches and, therefore, prove successful for application in today's IoT networks. The development and the performance of the model, with possible applications that may extend to other related fields of adaptive learning techniques and cross-domain applicability, are discussed. The research involving deep learning for IoT cybersecurity offers a potent solution for significantly improving network security.
6/19/2024
Optimizing Malware Detection in IoT Networks: Leveraging Resource-Aware Distributed Computing for Enhanced Security
Sreenitha Kasarapu, Sanket Shukla, Sai Manoj Pudukotai Dinakarrao
0
0
In recent years, networked IoT systems have revo- lutionized connectivity, portability, and functionality, offering a myriad of advantages. However, these systems are increasingly targeted by adversaries due to inherent security vulnerabilities and limited computational and storage resources. Malicious applications, commonly known as malware, pose a significant threat to IoT devices and networks. While numerous malware detection techniques have been proposed, existing approaches often overlook the resource constraints inherent in IoT environ- ments, assuming abundant resources for detection tasks. This oversight is compounded by ongoing workloads such as sens- ing and on-device computations, further diminishing available resources for malware detection. To address these challenges, we present a novel resource- and workload-aware malware detection framework integrated with distributed computing for IoT networks. Our approach begins by analyzing available resources for malware detection using a lightweight regression model. Depending on resource availability, ongoing workload executions, and communication costs, the malware detection task is dynamically allocated either on-device or offloaded to neighboring IoT nodes with sufficient resources. To safeguard data integrity and user privacy, rather than transferring the entire malware detection task, the classifier is partitioned and distributed across multiple nodes, and subsequently integrated at the parent node for comprehensive malware detection. Experimental analysis demonstrates the efficacy of our proposed technique, achieving a remarkable speed-up of 9.8x compared to on-device inference, while maintaining a high malware detection accuracy of 96.7%.
4/17/2024
📉
Autonomous Adaptive Security Framework for 5G-Enabled IoT
Habtamu Abie, Sandeep Pirbhulal
0
0
In IoT-based critical sectors, 5G can provide more rapid connection speeds, lower latency, faster downloads, and capability to connect more devices due to the introduction of new dynamics such as softwarization and virtualization. 5G-enabled IoT networks increase systems vulnerabilities to security threats due to these dynamics. Consequently, adaptive cybersecurity solutions need to be developed for 5G-enabled IoT applications to protect them against potential cyber-attacks. This task specifies new adaptive strategies of security intelligence with associated scenarios to meet the challenges of 5G-IoT characteristics. In this task we have also developed an autonomous adaptive security framework which can protect 5G-enabaled IoT dynamically and autonomously. The framework is based on a closed feedback loop of advanced analytics to monitor, analyse, and adapt to evolving threats to 5G-enanled IoT applications.
6/6/2024
Enhancing IoT Security: A Novel Feature Engineering Approach for ML-Based Intrusion Detection Systems
Afsaneh Mahanipour, Hana Khamfroush
0
0
The integration of Internet of Things (IoT) applications in our daily lives has led to a surge in data traffic, posing significant security challenges. IoT applications using cloud and edge computing are at higher risk of cyberattacks because of the expanded attack surface from distributed edge and cloud services, the vulnerability of IoT devices, and challenges in managing security across interconnected systems leading to oversights. This led to the rise of ML-based solutions for intrusion detection systems (IDSs), which have proven effective in enhancing network security and defending against diverse threats. However, ML-based IDS in IoT systems encounters challenges, particularly from noisy, redundant, and irrelevant features in varied IoT datasets, potentially impacting its performance. Therefore, reducing such features becomes crucial to enhance system performance and minimize computational costs. This paper focuses on improving the effectiveness of ML-based IDS at the edge level by introducing a novel method to find a balanced trade-off between cost and accuracy through the creation of informative features in a two-tier edge-user IoT environment. A hybrid Binary Quantum-inspired Artificial Bee Colony and Genetic Programming algorithm is utilized for this purpose. Three IoT intrusion detection datasets, namely NSL-KDD, UNSW-NB15, and BoT-IoT, are used for the evaluation of the proposed approach.
5/1/2024