Securing Communications in Internet of Things (IoT) Environments

Securing Communications in Internet of Things (IoT) Environments

Establishing the connectivity and delivering information for self-configuring wireless nodes in resource-constrained Internet of Things (IoT) environments is prone to security holes.

IoT has been recently extensively investigated through the introduction of various innovative network infrastructure designs such as mobile ad hoc networks (MANET), delay-tolerant networks (DTN) and information-centric networks (ICN).

Although a couple of proposals have been proposed for securing these infrastructure designs, dealing with potential attacks against neighbor discovery and localization such as wormhole attacks is an issue which has received considerable attentions recently. Secure neighbor discovery (SND) and secure localization play a critical role in location-based services which is a primary in IoT environments.

Another security issue in IoT is to detect malicious or selfish nodes and reduce unnecessary traffic on the network as well as to end devices.

The main idea is to protect spam in the "content" level rather than the "communication level", which ICN provides a great opportunity:

Spam might incur great workload in IoT environments. Large amount of spam wastes already precious network bandwidth, affects the existing timely communication, and might also cause denial of service (DOS) in the network. Even the network in which neighbors are authenticated cannot avoid spam with high accuracy and low false positive. The Email system is one of the examples. People still receive huge amount of spam when every mail server is authenticated by the DNS. We believe that spam can only be solved in the content level rather than communication level.

In this part of the work, we are going to find a way to protect spam in IoT with the help from ICN. ICN might provide a new way to solve the long-standing spam problem. In ICN, data are forwarded according to the Content Name or Content Descriptor. In order to disseminate the spam to the victims, spammers usually need to give spam a Content Name or a series of Content Descriptors, which partially reveals the content of the spam. But such information can also help the network identify the redundancy of the information disseminated (one key feature of spam is high redundancy). That gives us a possible way to monitor the amount of original information in a series of data sent to the network and try to identify spam at the “content” level.

Therefore, one key requirement of this environment is the ability to ensure that neighborhood discovery is securely performed and the wormholes can be prevented. Another key requirement is the ability to control spam and ensure that suitable denial-of-service capabilities are also built into the IoT architecture from the very beginning.

With the help of the simulation center, we can study the behavior of spammers and get the statistical information about how a spam is disseminated throughout the IoT network. Using the results, we can then fine tune metrics and threshold of the spam classifier. The verification of the spam protector can also be partially done in the simulation environment. The overhead and the benefit for different spam protectors can also be studied and compared to further optimize our spam protector.

Publication list