Intrusion Detection in the Internet of Things : From Sniffing to a Border Router’s Point of View

Bull, Victoria

January 2023

The Internet of Things is expanding, and with the increasing numbers of connected devices,exploitation of those devices also becomes more common. Since IoT devices and IoT networksare used in many crucial areas in modern societies, ranging from everything between securityand militrary applications to healthcare monitoring and production efficiency, the need to securethese devices is of great importance for researchers and businesses. This project explores howan intrusion detection system called DETONAR can be used on border router logs, instead of itsoriginal use of sniffer devices. Using DETONAR in this way allows us to detect many differentattacks, without contributing to the additional cost of deploying sniffer devices and the additionalrisk of the sniffer devices themselves becoming the target of attack

Internet of Things

IoT

intrusion detection

routing attacks

Computer Engineering

Datorteknik

<b>Classifying and Identifying BGP Hijacking attacks on the internet</b>

Kai Chiu Oscar Wong (18431700)

26 April 2024

<p dir="ltr">The Internet is a large network of globally interconnected devices p used to facilitate the exchange of information across different parties. As usage of the Internet is expected to grow in the future, the underlying infrastructure must be secure to ensure traffic reaches its intended destination without any disruptions. However, the primary routing protocol used on the Internet, the Border Gateway Protocol (BGP), while scalable and can properly route traffic between large networks, does not inherently have any security mechanisms built within the protocol. This leads to devices that use BGP over the internet to be susceptible to BGP Hijacking attacks, which involve maliciously injected routes into BGP’s Routing Information Base (RIB) to intentionally redirect traffic to another destination. Attempts to solve these issues in the past have been challenging due to the prevalence of devices that use BGP on the existing Internet infrastructure and the lack of backward compatibility for proposed solutions. The goal of this research is to categorize the different types of BGP Hijacking attacks that are possible on a network, identify indicators that an ongoing BGP Hijacking attack based on received routes from the Internet locally without access to machines from other locations or networks, and subsequently leverage these indicators to protect local networks from external BGP Hijacking attacks.</p>

Network engineering

System and network security

Networking and communications

BGP

network security analysis

routing attacks

BGP Hijacking