Mostrar el registro sencillo del ítem

COSMOS: Collaborative, Seamless and Adaptive Sentinel for the Internet of Things

dc.contributor.authorNespoli, Pantaleone
dc.contributor.authorUseche Pelaez, David
dc.contributor.authorDíaz López, Daniel
dc.contributor.authorGómez Mármol, Felix
dc.date.accessioned2021-05-18T22:39:28Z
dc.date.accessioned2021-10-01T17:22:45Z
dc.date.available2021-05-18T22:39:28Z
dc.date.available2021-10-01T17:22:45Z
dc.date.issued2019
dc.identifier.issn1424-8220, 2019
dc.identifier.urihttps://repositorio.escuelaing.edu.co/handle/001/1436
dc.description.abstractThe Internet of Things (IoT) became established during the last decade as an emerging technology with considerable potentialities and applicability. Its paradigm of everything connected together penetrated the real world, with smart devices located in several daily appliances. Such intelligent objects are able to communicate autonomously through already existing network infrastructures, thus generating a more concrete integration between real world and computer-based systems. On the downside, the great benefit carried by the IoT paradigm in our life brings simultaneously severe security issues, since the information exchanged among the objects frequently remains unprotected from malicious attackers. The paper at hand proposes COSMOS (Collaborative, Seamless and Adaptive Sentinel for the Internet of Things), a novel sentinel to protect smart environments from cyber threats. Our sentinel shields the IoT devices using multiple defensive rings, resulting in a more accurate and robust protection. Additionally, we discuss the current deployment of the sentinel on a commodity device (i.e., Raspberry Pi). Exhaustive experiments are conducted on the sentinel, demonstrating that it performs meticulously even in heavily stressing conditions. Each defensive layer is tested, reaching a remarkable performance, thus proving the applicability of COSMOS in a distributed and dynamic scenario such as IoT. With the aim of easing the enjoyment of the proposed entinel, we further developed a friendly and ease-to-use COSMOS App, so that end-users can manage sentinel(s) directly using their own devices (e.g., smartphone).eng
dc.description.abstractEl Internet de las cosas (IoT) se estableció durante la última década como una tecnología con potencialidades y aplicabilidad considerables. Su paradigma de todo lo conectado juntos penetraron en el mundo real, con dispositivos inteligentes ubicados en varios dispositivos diarios. Dichos objetos inteligentes pueden comunicarse de forma autónoma a través de una red ya existente. infraestructuras, generando así una integración más concreta entre el mundo real y el informático sistemas. En el lado negativo, el gran beneficio que trae el paradigma de IoT en nuestra vida trae simultáneamente graves problemas de seguridad, ya que la información intercambiada entre los objetos con frecuencia permanece desprotegido de atacantes malintencionados. El artículo que nos ocupa propone COSMOS (Colaborativo, Centinela adaptable y transparente para Internet de las cosas), un centinela novedoso para proteger entornos de amenazas cibernéticas. Nuestro centinela protege los dispositivos de IoT mediante múltiples anillos defensivos, resultando en una protección más precisa y robusta. Además, discutimos la implementación actual del centinela en un dispositivo básico (es decir, Raspberry Pi). Se realizan experimentos exhaustivos en el centinela, demostrando que funciona meticulosamente incluso en condiciones de mucho estrés. Cada capa defensiva es probada, alcanzando un desempeño notable, demostrando así la aplicabilidad de COSMOS en un escenario distribuido y dinámico como IoT. Con el objetivo de facilitar el disfrute del centinela propuesto, desarrollamos una aplicación COSMOS amigable y fácil de usar, para que los usuarios finales pueden administrar centinelas directamente utilizando sus propios dispositivos (por ejemplo, teléfonos inteligentes).spa
dc.format.extent29 páginasspa
dc.format.mimetypeapplication/pdfspa
dc.language.isoengspa
dc.rightsc 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/spa
dc.rights.urihttps://creativecommons.org/licenses/by/4.0/spa
dc.titleCOSMOS: Collaborative, Seamless and Adaptive Sentinel for the Internet of Thingsspa
dc.typeArtículo de revistaspa
dc.description.notesReceived: 18 February 2019; Accepted: 23 March 2019; Published: 27 March 2019spa
dc.description.notesDepartment of Information & Communication Engineering, University of Murcia, Calle Campus Universitario, 30100 Murcia, Spain; felixgm@um.es Department of System Engineering, Colombian School of Engineering Julio Garavito, AK 45 (Autonorte), Bogotá 205-59, Colombia; david.useche@mail.escuelaing.edu.co (D.U.P.); daniel.diaz@escuelaing.edu.co (D.D.L.)spa
dc.description.notesCorrespondence: pantaleone.nespoli@um.esspa
dc.type.versioninfo:eu-repo/semantics/publishedVersionspa
oaire.accessrightshttp://purl.org/coar/access_right/c_abf2spa
oaire.versionhttp://purl.org/coar/version/c_970fb48d4fbd8a85spa
dc.contributor.researchgroupCTG-Informáticaspa
dc.identifier.doidoi:10.3390/s19071492
dc.identifier.urlhttps://www.ncbi.nlm.nih.gov/pmc/articles/PMC6479720/pdf/sensors-19-01492.pdf
dc.publisher.placeSuizaspa
dc.relation.citationeditionVolume 19, Number 1492, 2019spa
dc.relation.citationendpage29spa
dc.relation.citationissue1492spa
dc.relation.citationstartpage1spa
dc.relation.citationvolume19spa
dc.relation.indexedN/Aspa
dc.relation.ispartofjournalSensorsspa
dc.relation.referencesWang, T.; Zhang, G.; Liu, A.; Bhuiyan, M.Z.A.; Jin, Q. A Secure IoT Service Architecture with an Efficient Balance Dynamics Based on Cloud and Edge Computing. IEEE Internet Things J. 2018. [CrossRef]spa
dc.relation.referencesYu, W.; Liang, F.; He, X.; Hatcher, W.G.; Lu, C.; Lin, J.; Yang, X. A Survey on the Edge Computing for the Internet of Things. IEEE Access 2018, 6, 6900–6919. [CrossRef]spa
dc.relation.referencesNespoli, P.; Gómez Mármol, F. e-Health Wireless IDS with SIEM integration. In Proceedings of the IEEE Wireless Communications and Networking Conference (WCNC18), Barcelona, Spain, 15–18 April 2018spa
dc.relation.referencesDíaz López, D.; Blanco Uribe, M.; Santiago Cely, C.; Tarquino Murgueitio, D.; Garcia Garcia, E.; Nespoli, P.; Gómez Mármol, F. Developing Secure IoT Services: A Security-Oriented Review of IoT Platforms. Symmetry 2018, 10, 669. [CrossRef]spa
dc.relation.referencesGartner. Gartner’s 2016 Hype Cycle for Emerging Technologies Identifies Three Key Trends That Organizations Must Track to Gain Competitive Advantage. 2016. Available online: https://www.gartner. com/newsroom/id/3412017 (accessed on 11 August 2018).spa
dc.relation.referencesCharmonman, S.; Mongkhonvanit, P. Special consideration for Big Data in IoE or Internet of Everything. In Proceedings of the 13th International Conference on ICT and Knowledge Engineering (ICT Knowledge Engineering 2015), Bangkok, Thailand, 18–20 November 2015; pp. 147–150.spa
dc.relation.referencesConti, M.; Dehghantanha, A.; Franke, K.; Watson, S. Internet of Things security and forensics: Challenges and opportunities. Future Gener. Comput. Syst. 2018, 78, 544–546. [CrossRef]spa
dc.relation.referencesTweneboah-Koduah, S.; Skouby, K.E.; Tadayoni, R. Cyber Security Threats to IoT Applications and Service Domains. Wirel. Person. Commun. 2017, 95, 169–185. [CrossRef]spa
dc.relation.referencesLing, Z.; Luo, J.; Xu, Y.; Gao, C.; Wu, K.; Fu, X. Security Vulnerabilities of Internet of Things: A Case Study of the Smart Plug System. IEEE Internet Things J. 2017, 4, 1899–1909. [CrossRef]spa
dc.relation.referencesAntonakakis, M.; April, T.; Bailey, M.; Bernhard, M.; Bursztein, E.; Cochran, J.; Durumeric, Z.; Halderman, J.A.; Invernizzi, L.; Kallitsis, M.; et al. Understanding the Mirai Botnet. In Proceedings of the 26th USENIX Conference on Security Symposium (SEC17), Vancouver, BC, Canada, 16–18 August 2017; pp. 1093–1110spa
dc.relation.referencesHwang, Y.H. IoT Security & Privacy: Threats and Challenges. In Proceedings of the 1st ACM Workshop on IoT Privacy, Trust, and Security (IoTPTS15), Singapore, 14 April 2015spa
dc.relation.referencesDíaz López, D.; Blanco Uribe, M.; Santiago Cely, C.; Vega Torres, A.; Moreno Guataquira, N.; Morón Castro, S.; Nespoli, P.; Gómez Mármol, F. Shielding IoT against cyber-attacks: An event-based approach using SIEM. Wirel. Commun. Mob. Comput. 2018, 2018, 3029638. [CrossRef]spa
dc.relation.referencesNespoli, P.; Zago, M.; Huertas Celdrán, A.; Gil Pérez, M.; Gómez Mármol, F.; García Clemente, F.J. A Dynamic Continuous Authentication Framework in IoT-Enabled Environments. In Proceedings of the Fifth International Conference on Internet of Things: Systems, Management and Security (IoTSMS 2018), Valencia, Spain, 15–18 October 2018; pp. 131–138.spa
dc.relation.referencesLin, H.; Bergmann, N.W. IoT Privacy and Security Challenges for Smart Home Environments. Information 2016, 7, 44. [CrossRef]spa
dc.relation.referencesKambourakis, G.; Gomez Marmol, F.; Wang, G. Security and Privacy in Wireless and Mobile Networks. Future Internet 2018, 10, 18. [CrossRef]spa
dc.relation.referencesMiettinen, M.; Marchal, S.; Hafeez, I.; Asokan, N.; Sadeghi, A.R.; Tarkoma, S. IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT. In Proceedings of the IEEE 37th International Conference on Distributed Computing Systems (ICDCS17), Atlanta, GA, USA, 5–8 June 2017; pp. 2177–2184spa
dc.relation.referencesNing, H.; Hong, L.; Yang, L.T. Cyberentity Security in the Internet of Things. Computer 2013, 46, 46–53. [CrossRef]spa
dc.relation.referencesSforzin, A.; Gómez Mármol, F.; Conti, M.; Bohli, J.M. RPiDS: Raspberry Pi IDS A Fruitful Intrusion Detection System for IoT. In Proceedings of the IEEE Conference on Advanced and Trusted Computing, Toulouse, France, 18–21 July 2016; pp. 440–448spa
dc.relation.referencesVasilomanolakis, E.; Karuppayah, S.; Mühlhäuser, M.; Fischer, M. Taxonomy and Survey of Collaborative Intrusion Detection. ACM Comput. Surv. 2015, 47, 1–33. [CrossRef]spa
dc.relation.referencesUseche Peláez, D.; Díaz López, D.; Nespoli, P.; Gómez Mármol, F. TRIS: A Three-Rings IoT Sentinel to protect against cyber-threats. In Proceedings of the Fifth International Conference on Internet of Things: Systems, Management and Security (IoTSMS 2018), Valencia, Spain, 15–18 October 2018; pp. 123–130.spa
dc.relation.referencesNespoli, P.; Papamartzivanos, D.; Mármol, F.G.; Kambourakis, G. Optimal Countermeasures Selection Against Cyber Attacks: A Comprehensive Survey on Reaction Frameworks. IEEE Commun. Surv. Tutor. 2018, 20, 1361–1396. [CrossRef]spa
dc.relation.referencesPapamartzivanos, D.; Gómez Mármol, F.; Kambourakis, G. Introducing Deep Learning Self-Adaptive Misuse Network Intrusion Detection Systems. IEEE Access 2019, 7, 13546–13560. [CrossRef]spa
dc.relation.referencesSnort. Network Intrusion Detection and Prevention System. Available online: https://www.snort.org/ (accessed on 26 March 2019)spa
dc.relation.referencesPathan, A.S.K. The State of the Art in Intrusion Prevention and Detection; Taylor & Francis: Milton Park, Abingdon, UK, 2014.spa
dc.relation.referencesKismet. Wireless Sniffer and Network Intrusion Detection System. Available online: https://www. kismetwireless.net (accessed on 26 March 2019).spa
dc.relation.referencesOpenVAS. Open Vulnerability Assessment System. Available online: http://www.openvas.org (accessed on 26 March 2019).spa
dc.relation.referencesVarsalone, J.; McFadden, M. Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It; Taylor & Francis: Milton Park, Abingdon, UK, 2011.spa
dc.relation.referencesYARA. The Pattern Matching Swiss Knife for Malware Researchers. Available online: http://yara. readthedocs.io (accessed on 26 March 2019).spa
dc.relation.referencesLatifi, S. Information Technology: New Generations: 13th International Conference on Information Technology; Advances in Intelligent Systems and Computing; Springer International Publishing: Cham, Switzerland, 2016.spa
dc.relation.referencesWeka. Data Mining with Open Source Machine Learning Software. Available online: https://cs.waikato.ac. nz/ml/weka (accessed on 26-03-2019).spa
dc.relation.referencesKaluža, B. Instant Weka How-to; Packt Publishing: Birmingham, UK, 2013.spa
dc.relation.referencesKoodous. Collaborative Platform for Android Malware Research. Available online: https://koodous.com (accessed on 26 March 2019)spa
dc.relation.referencesAPKMirror. Free APK Downloads. Available online: https://www.apkmirror.com/ (accessed on 26 March 2019)spa
dc.relation.referencesArp, D.; Spreitzenbarth, M.; Huebner, M.; Gascon, H.; Rieck, K. Drebin: Effective and Explainable Detection of Android Malware in Your Pocket. In Proceedings of the 21th Annual Network and Distributed System Security Symposium (NDSS14), San Diego, CA, USA, 23–26 February 2014; pp. 23–26.spa
dc.relation.referencesVirusTotal. Free On-Line File Analyzer. Available online: https://www.virustotal.com (accessed on 26 March 2019).spa
dc.relation.referencesCiampa, M. CompTIA Security+ Guide to Network Security Fundamentals; Cengage Learning: Boston, MA, USA, 2017.spa
dc.relation.referencesRadare. Portable Reversing Framework. Available online: https://rada.re/r (accessed on 26 March 2019).spa
dc.relation.referencesDunham, K.; Hartman, S.; Quintans, M.; Morales, J.A.; Strazzere, T. Android Malware and Analysis; Information Security Books; CRC Press: Boca Raton, FL, USA, 2014.spa
dc.relation.referencesDrake, J.J.; Lanier, Z.; Mulliner, C.; Fora, P.O.; Ridley, S.A.; Wicherski, G. Android Hacker’s Handbook; EBL-Schweitzer; Wiley: Hoboken, NJ, USA, 2014.spa
dc.relation.referencesOSSIM. Alienvault Open-Source SIEM. Available online: https://www.alienvault.com/products/ossim (accessed on 26 March 2019).spa
dc.relation.referencesSavas, O.; Deng, J. Big Data Analytics in Cybersecurity; Data Analytics Applications; CRC Press: Boca Raton, FL, USA, 2017spa
dc.relation.referencesAkula, M.; Mahajan, A. Security Automation with Ansible 2: Leverage Ansible 2 to Automate Complex Security Tasks Like Application Security, Network Security, and Malware Analysis; Packt Publishing: Birmingham, UK, 2017spa
dc.relation.referencesDash, S.K.; Suarez-Tangil, G.; Khan, S.; Tam, K.; Ahmadi, M.; Kinder, J.; Cavallaro, L. DroidScribe: Classifying Android Malware Based on Runtime Behavior. In Proceedings of the IEEE Security and Privacy Workshops (SPW16), San Jose, CA, USA, 22–26 May 2016; pp. 252–261.spa
dc.relation.referencesNespoli, P. WISS: Wireless IDS for IoT with SIEM integration. Master’s Thesis, University of Naples Federico II, Naples, Italy, 2017spa
dc.relation.referencesHeriyanto, T.; Allen, L.; Ali, S. Kali Linux: Assuring Security by Penetration Testing; Packt Publishing: Birmingham, UK, 2014.spa
dc.relation.referencesAho, A.V.; Corasick, M.J. Efficient String Matching: An Aid to Bibliographic Search. Commun. ACM 1975, 18, 333–340. [CrossRef]spa
dc.relation.referencesYara Rules. Yara Rules Official Repository. Available online: https://github.com/Yara-Rules (accessed on 26 March 2019).spa
dc.relation.referencesRonen, R.; Radu, M.; Feuerstein, C.; Yom-Tov, E.; Ahmadi, M. Microsoft Malware Classification Challenge. arXiv 2018, arXiv:1802.10135.spa
dc.relation.referencesOffensive Computing. Free Malware Download. Available online: http://www.offensivecomputing.net/ (accessed on 26 March 2019)spa
dc.relation.referencesVirus Sign. Malware Research and Data Center. Available online: http://www.virussign.com/ (accessed on 26 March 2019).spa
dc.relation.referencesZelter. Malware Sample Sources. Available online: https://zeltser.com/malware-sample-sources/ (accessed on 26 March 2019).spa
dc.relation.referencesNing, H.; Liu, H. Cyber-Physical-Social Based Security Architecture for Future Internet of Things. Adv. Internet Things 2012, 2, 1–7. [CrossRef]spa
dc.relation.referencesDorri, A.; Kanhere, S.; Jurdak, R. Blockchain in internet of things: Challenges and Solutions. arXiv 2016, arXiv:1608.05187.spa
dc.relation.referencesTor Project. Anonymity online. Available online: https://www.torproject.org/ (accessed on 26 March 2019).spa
dc.relation.referencesRiahi, A.; Challal, Y.; Natalizio, E.; Chtourou, Z.; Bouabdallah, A. A Systemic Approach for IoT Security. In Proceedings of the IEEE International Conference on Distributed Computing in Sensor Systems, Cambridge, MA, USA, 21–23 May 2013; pp. 351–355.spa
dc.relation.referencesBabar, S.; Stango, A.; Prasad, N.; Sen, J.; Prasad, R. Proposed embedded security framework for Internet of Things (IoT). In Proceedings of the 2nd IEEE International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology (Wireless VITAE), Chennai, India, 28 February–3 March 2011; pp. 1–5spa
dc.relation.referencesRahman, A.F.A.; Daud, M.; Mohamad, M.Z. Securing Sensor to Cloud Ecosystem using Internet of Things (IoT) Security Framework. In Proceedings of the International Conference on Internet of things and Cloud Computing—ICC ’16, Cambridge, UK, 22–23 March 2016; pp. 1–5.spa
dc.relation.referencesAbie, H.; Balasingham, I. Risk-based Adaptive Security for Smart IoT in eHealth. In Proceedings of the 7th International Conference on Body Area Networks (BodyNets12), Oslo, Norway, 24–26 September 2012; pp. 269–275.spa
dc.relation.referencesCheng, S.M.; Chen, P.Y.; Lin, C.C.; Hsiao, H.C. Traffic-Aware Patching for Cyber Security in Mobile IoT. IEEE Commun. Mag. 2017, 55, 29–35. [CrossRef]spa
dc.relation.referencesRoux, J.; Alata, E.; Auriol, G.; Nicomette, V.; Kaâniche, M. Toward an Intrusion Detection Approach for IoT based on Radio Communications Profiling. In Proceedings of the 13th European Dependable Computing Conference, Geneva, Switzerland, 4–8 September 2017; pp. 147–150.spa
dc.relation.referencesHodo, E.; Bellekens, X.; Hamilton, A.; Dubouilh, P.L.; Iorkyase, E.; Tachtatzis, C.; Atkinson, R. Threat analysis of IoT networks using artificial neural network intrusion detection system. In Proceedings of the 2016 International Symposium on Networks, Computers and Communications (ISNCC16), Hammamet, Tunisia, 11–13 May 2016; pp. 1–6.spa
dc.relation.referencesMeidan, Y.; Bohadana, M.; Shabtai, A.; Ochoa, M.; Tippenhauer, N.O.; Guarnizo, J.D.; Elovici, Y. Detection of Unauthorized IoT Devices Using Machine Learning Techniques. arXiv 2017, arXiv:1709.04647.spa
dc.relation.referencesHasan, M.A.M.; Nasser, M.; Ahmad, S.; Molla, K.I. Feature selection for intrusion detection using random forest. J. Inf. Secur. 2016, 7, 129. [CrossRef]spa
dc.relation.referencesPa, Y.M.P.; Suzuki, S.; Yoshioka, K.; Matsumoto, T.; Kasama, T.; Rossow, C. IoTPOT: A Novel Honeypot for Revealing Current IoT Threats. J. Inf. Process. 2016, 24, 522–533. [CrossRef]spa
dc.relation.referencesSivaraman, V.; Gharakheili, H.H.; Vishwanath, A.; Boreli, R.; Mehani, O. Network-level security and privacy control for smart-home IoT devices. In Proceedings of the IEEE 11th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob15), Abu Dhabi, UAE, 19–21 October 2015; pp. 163–167.spa
dc.rights.accessrightsinfo:eu-repo/semantics/openAccessspa
dc.rights.creativecommonsAtribución 4.0 Internacional (CC BY 4.0)spa
dc.subject.armarcInternet de las cosasspa
dc.subject.armarcAprendizaje automático (Inteligencia artificial)spa
dc.subject.armarcSeguridad informáticaspa
dc.subject.proposalInternet of Thingseng
dc.subject.proposalSentinel for the IoTeng
dc.subject.proposalIntrusion detection systemeng
dc.subject.proposalSmart homeeng
dc.subject.proposalMachine learningeng
dc.subject.proposalMalware detectioneng
dc.subject.proposalThreat intelligenceeng
dc.type.coarhttp://purl.org/coar/resource_type/c_2df8fbb1spa
dc.type.contentTextspa
dc.type.driverinfo:eu-repo/semantics/articlespa
dc.type.redcolhttp://purl.org/redcol/resource_type/ARTspa


Ficheros en el ítem

Thumbnail
Nombre:
COSMOS_ Collaborative, Seamless ...
Tamaño:
2.553Mb
Formato:
PDF
Ver/

Este ítem aparece en la(s) siguiente(s) colección(ones)

Mostrar el registro sencillo del ítem

c 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/
Excepto si se señala otra cosa, la licencia del ítem se describe como c 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/