תקציר
Cyber-threat protection is one of the most challenging research branches of Internet-of-Things (<sc>i</sc>o<sc>t</sc>). With the exponential increase of tiny connected devices, the battle between friend and foe intensifies. Unfortunately, <sc>i</sc>o<sc>t</sc> devices offer very limited security features, laying themselves wide open to new attacks, inhibiting the expected global adoption of <sc>i</sc>o<sc>t</sc> technologies. Moreover, existing prevention and mitigation techniques and intrusion detection systems handle attack anomalies rather than the attack itself while using a significant amount of the network resources. <sc>rpl</sc>, the de-facto routing protocol for <sc>i</sc>o<sc>t</sc>, proposes minimal security features that cannot handle internal attacks. Hence, in this paper, we propose <sc>sprinkler</sc>, which identifies the specific <italic>thing</italic> that is under attack by an adversarial Man-in-The-Middle. <sc>sprinkler</sc> uses the multi-instance feature of <sc>rpl</sc> to identify the adversary. The proposed solution adheres to two basic principles: it only uses pre-existing standard routing protocols and does not rely on a centralized or trusted third-party node such as a certificate authority. All information must be gleaned by each node using only primitives that already exist in the underlying communication protocol, which excludes any training dataset. Simulations show that <sc>sprinkler</sc> adds minimal maintenance and energy expenditure while pinpointing deterministically the attacker in the network. In particular, <sc>sprinkler</sc> has a message delivery rate and detection rate of 100%.
שפה מקורית | אנגלית |
---|---|
עמודים (מ-עד) | 1-18 |
מספר עמודים | 18 |
כתב עת | IEEE Transactions on Mobile Computing |
מזהי עצם דיגיטלי (DOIs) | |
סטטוס פרסום | התקבל/בדפוס - 2024 |