A Two-Mode, Adaptive Security Framework for Smart Home Security Applications

IF 3.5 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

ACM Transactions on Internet of Things Pub Date : 2023-11-17 DOI:10.1145/3617504

Devkishen Sisodia, Jun Li, Samuel Mergendahl, Hasan Cam

{"title":"A Two-Mode, Adaptive Security Framework for Smart Home Security Applications","authors":"Devkishen Sisodia, Jun Li, Samuel Mergendahl, Hasan Cam","doi":"10.1145/3617504","DOIUrl":null,"url":null,"abstract":"With the growth of the Internet of Things (IoT), the number of cyber attacks on the Internet is on the rise. However, the resource-constrained nature of IoT devices and their networks makes many classical security systems ineffective or inapplicable. We introduce TWINKLE, a two-mode, adaptive security framework that allows an IoT network to be in regular mode for most of the time, which incurs a low resource consumption rate, and to switch to vigilant mode only when suspicious behavior is detected, which potentially incurs a higher overhead. Compared to the early version of this work, this paper presents a more comprehensive design and architecture of TWINKLE, describes challenges and details in implementing TWINKLE, and reports evaluations of TWINKLE based on real-world IoT testbeds with more metrics. We show the efficacy of TWINKLE in two case studies where we examine two existing intrusion detection and prevention systems and transform both into new, improved systems using TWINKLE. Our evaluations show that TWINKLE is not only effective at securing resource-constrained IoT networks, but can also successfully detect and prevent attacks with a significantly lower overhead and detection latency than existing solutions.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":"3 1","pages":""},"PeriodicalIF":3.5000,"publicationDate":"2023-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Internet of Things","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3617504","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

With the growth of the Internet of Things (IoT), the number of cyber attacks on the Internet is on the rise. However, the resource-constrained nature of IoT devices and their networks makes many classical security systems ineffective or inapplicable. We introduce TWINKLE, a two-mode, adaptive security framework that allows an IoT network to be in regular mode for most of the time, which incurs a low resource consumption rate, and to switch to vigilant mode only when suspicious behavior is detected, which potentially incurs a higher overhead. Compared to the early version of this work, this paper presents a more comprehensive design and architecture of TWINKLE, describes challenges and details in implementing TWINKLE, and reports evaluations of TWINKLE based on real-world IoT testbeds with more metrics. We show the efficacy of TWINKLE in two case studies where we examine two existing intrusion detection and prevention systems and transform both into new, improved systems using TWINKLE. Our evaluations show that TWINKLE is not only effective at securing resource-constrained IoT networks, but can also successfully detect and prevent attacks with a significantly lower overhead and detection latency than existing solutions.

查看原文本刊更多论文

智能家居安全应用的双模式自适应安全框架

随着物联网（IoT）的发展，互联网上的网络攻击数量不断上升。然而，物联网设备及其网络资源受限的特性使得许多经典安全系统失效或不适用。我们引入了 TWINKLE，这是一种双模式自适应安全框架，它允许物联网网络在大部分时间内处于常规模式（资源消耗率较低），只有在检测到可疑行为时才切换到警惕模式（可能会产生较高的开销）。与本文的早期版本相比，本文介绍了 TWINKLE 更全面的设计和架构，描述了实现 TWINKLE 所面临的挑战和细节，并报告了基于真实世界物联网测试平台的 TWINKLE 评估结果和更多指标。我们在两个案例研究中展示了 TWINKLE 的功效，在这两个案例研究中，我们检查了两个现有的入侵检测和防御系统，并使用 TWINKLE 将这两个系统转化为新的、改进的系统。我们的评估结果表明，TWINKLE 不仅能有效保护资源有限的物联网网络，还能成功检测和预防攻击，其开销和检测延迟明显低于现有解决方案。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ACM Transactions on Internet of Things

CiteScore

5.20

自引率

3.70%

发文量