A Host-Based Intrusion Detection and Mitigation Framework for Smart Home IoT Using OpenFlow

2016 11th International Conference on Availability, Reliability and Security (ARES) Pub Date : 2016-08-01 DOI:10.1109/ARES.2016.64

Mehdi Nobakht, V. Sivaraman, R. Boreli

{"title":"A Host-Based Intrusion Detection and Mitigation Framework for Smart Home IoT Using OpenFlow","authors":"Mehdi Nobakht, V. Sivaraman, R. Boreli","doi":"10.1109/ARES.2016.64","DOIUrl":null,"url":null,"abstract":"Smart devices are gaining popularity in our homes with the promise to make our lives easier and more comfortable. However, the increased deployment of such smart devices brings an increase in potential security risks. In this work, we propose an intrusion detection and mitigation framework, called IoT-IDM, to provide a network-level protection for smart devices deployed in home environments. IoT-IDM monitors the network activities of intended smart devices within the home and investigates whether there is any suspicious or malicious activity. Once an intrusion is detected, it is also capable of blocking the intruder in accessing the victim device on the fly. The modular design of IoT-IDM gives its users the flexibility to employ customized machine learning techniques for detection based on learned signature patterns of known attacks. Software-defined networking technology and its enabling communication protocol, OpenFlow, are used to realise this framework. Finally, a prototype of IoT-IDM is developed and the applicability and efficiency of proposed framework demonstrated through a real IoT device: a smart light bulb.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"168","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 11th International Conference on Availability, Reliability and Security (ARES)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2016.64","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 168

Abstract

Smart devices are gaining popularity in our homes with the promise to make our lives easier and more comfortable. However, the increased deployment of such smart devices brings an increase in potential security risks. In this work, we propose an intrusion detection and mitigation framework, called IoT-IDM, to provide a network-level protection for smart devices deployed in home environments. IoT-IDM monitors the network activities of intended smart devices within the home and investigates whether there is any suspicious or malicious activity. Once an intrusion is detected, it is also capable of blocking the intruder in accessing the victim device on the fly. The modular design of IoT-IDM gives its users the flexibility to employ customized machine learning techniques for detection based on learned signature patterns of known attacks. Software-defined networking technology and its enabling communication protocol, OpenFlow, are used to realise this framework. Finally, a prototype of IoT-IDM is developed and the applicability and efficiency of proposed framework demonstrated through a real IoT device: a smart light bulb.

查看原文本刊更多论文

基于OpenFlow的基于主机的智能家居物联网入侵检测和缓解框架

智能设备在我们的家庭中越来越受欢迎，它有望使我们的生活更轻松、更舒适。然而，随着智能设备部署的增加，潜在的安全风险也在增加。在这项工作中，我们提出了一个入侵检测和缓解框架，称为IoT-IDM，为部署在家庭环境中的智能设备提供网络级保护。IoT-IDM监控家中智能设备的网络活动，并调查是否存在任何可疑或恶意活动。一旦检测到入侵，它还能够阻止入侵者在飞行中访问受害设备。IoT-IDM的模块化设计使用户能够灵活地采用定制的机器学习技术，根据已知攻击的学习签名模式进行检测。软件定义网络技术及其支持的通信协议OpenFlow用于实现该框架。最后，开发了IoT- idm的原型，并通过一个真实的IoT设备(智能灯泡)验证了所提出框架的适用性和效率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2016 11th International Conference on Availability, Reliability and Security (ARES)

自引率

0.00%

发文量