Edge-based blockchain enabled anomaly detection for insider attack prevention in Internet of Things

Tukur, Yusuf M., Thakker, Dhaval, Awan, Irfan U.

31 March 2022

Yes / Internet of Things (IoT) platforms are responsible for overall data processing in the IoT System. This ranges from analytics and big data processing to gathering all sensor data over time to analyze and produce long-term trends. However, this comes with prohibitively high demand for resources such as memory, computing power and bandwidth, which the highly resource constrained IoT devices lack to send data to the platforms to achieve efficient operations. This results in poor availability and risk of data loss due to single point of failure should the cloud platforms suffer attacks. The integrity of the data can also be compromised by an insider, such as a malicious system administrator, without leaving traces of their actions. To address these issues, we propose in this work an edge-based blockchain enabled anomaly detection technique to prevent insider attacks in IoT. The technique first employs the power of edge computing to reduce the latency and bandwidth requirements by taking processing closer to the IoT nodes, hence improving availability, and avoiding single point of failure. It then leverages some aspect of sequence-based anomaly detection, while integrating distributed edge with blockchain that offers smart contracts to perform detection and correction of abnormalities in incoming sensor data. Evaluation of our technique using real IoT system datasets showed that the technique remarkably achieved the intended purpose, while ensuring integrity and availability of the data which is critical to IoT success. / Petroleum Technology Development Fund(PTDF) Nigeria, Grant/Award Number:PTDF/ED/PHD/TYM/858/16

Internet of Things (IoT)

Insider attack prevention

Edge computing

Sequence-based anomaly detection

Data

Denial of service : prevention, modelling and detection

Smith, Jason

January 2007

This research investigates the denial of service problem, in the context of services provided over a network, and contributes to improved techniques for modelling, detecting, and preventing denial of service attacks against these services. While the majority of currently employed denial of service attacks aim to pre-emptively consume the network bandwidth of victims, a significant amount of research effort is already being directed at this problem. This research is instead concerned with addressing the inevitable migration of denial of service attacks up the protocol stack to the application layer. Of particular interest is the denial of service resistance of key establishment protocols (security protocols that enable an initiator and responder to mutually authenticate and establish cryptographic keys for establishing a secure communications channel), which owing to the computationally intensive activities they perform, are particularly vulnerable to attack. Given the preponderance of wireless networking technologies this research hasalso investigated denial of service and its detection in IEEE 802.11 standards based networks. Specific outcomes of this research include: - investigation of the modelling and application of techniques to improve the denial of service resistance of key establishment protocols; - a proposal for enhancements to an existing modelling framework to accommodate coordinated attackers; - design of a new denial of service resistant key establishment protocol for securing signalling messages in next generation, mobile IPv6 networks; - a comprehensive survey of denial of service attacks in IEEE 802.11 wireless networks; discovery of a significant denial of service vulnerability in the clear channel assessment procedure implemented by the medium access control layer of IEEE 802.11 compliant devices; and - design of a novel, specification-based intrusion detection system for detecting denial of service attacks in IEEE 802.11 wireless networks.

denial of service resistance

key establishment

attack prevention

specificationbased intrusion detection

security modelling

cost-based modelling

mobile IP

IEEE 802.11 wireless networks

crypto-based identifiers.

Zpracování statistik přístupů k webovým systémům / System for Processing of Statistic Information of Web Systems Acessing

Zajda, Vladan

Unknown Date

This study deals with processing of web traffic statistics and traffic statistics of systems in general. Statistics allow finding out where the users came from, how much time they spent on the site, in which information were they interested in, and which technical devices were they using to browse the web site. Measured data are stored fore later evaluation by the owner or administrator of the monitored web site. Results are displayed in form of statistics. Gathered information could be used for quality or content improvement in order to the best satisfaction and benefit to the users. By secured areas of the application the attempts for not granted access could be tracked. Those gathered information statistic can be used to increase security of the application or eventually for identification of the attackers.