A Two-Mode, Adaptive Security Framework for Smart Home Security Applications
Article No.: 8, Pages 1 - 31
Abstract
With the growth of the Internet of Things (IoT), the number of cyber attacks on the Internet is on the rise. However, the resource-constrained nature of IoT devices and their networks makes many classical security systems ineffective or inapplicable. We introduce TWINKLE, a two-mode, adaptive security framework that allows an IoT network to be in regular mode for most of the time, which incurs a low resource consumption rate, and to switch to vigilant mode only when suspicious behavior is detected, which potentially incurs a higher overhead. Compared to the early version of this work, this article presents a more comprehensive design and architecture of TWINKLE, describes challenges and details in implementing TWINKLE, and reports evaluations of TWINKLE based on real-world IoT testbeds with more metrics. We show the efficacy of TWINKLE in two case studies where we examine two existing intrusion detection and prevention systems and transform both into new, improved systems using TWINKLE. Our evaluations show that TWINKLE is not only effective at securing resource-constrained IoT networks, but can also successfully detect and prevent attacks with a significantly lower overhead and detection latency than existing solutions.
References
[1]
2019. Snort - Network Intrusion Detection & Prevention System. Retrieved from https://www.snort.org/
[2]
2019. Suricata - Open Source IDS / IPS / NSM Engine. Retrieved from https://suricata-ids.org/
[3]
Abror Abduvaliyev, Al-Sakib Khan Pathan, Jianying Zhou, Rodrigo Roman, and Wai-Choong Wong. 2013. On the vital areas of intrusion detection systems in wireless sensor networks. IEEE Communications Surveys & Tutorials 15, 3 (2013), 1223–1237.
[4]
Habtamu Abie and Ilangko Balasingham. 2012. Risk-based adaptive security for smart IoT in eHealth. In Proceedings of the 7th International Conference on Body Area Networks. ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering), 269–275.
[5]
Jorge Bernal Bernabe, Jose Luis Hernandez, M. Victoria Moreno, and Antonio F. Skarmeta Gomez. 2014. Privacy-preserving security framework for a social-aware Internet of Things. In Proceedings of the International Conference on Ubiquitous Computing and Ambient Intelligence. Springer, 408–415.
[6]
Olivier Blazy, Emmanuel Conchon, Mathieu Klingler, and Damien Sauveron. 2021. An IoT attribute-based security framework for topic-based publish/subscribe systems. IEEE Access 9 (2021), 19066–19077.
[7]
Z. Berkay Celik, Earlence Fernandes, Eric Pauley, Gang Tan, and Patrick McDaniel. 2018. Program analysis of commodity IoT applications for security and privacy: Challenges and opportunities. arXiv:1809.06962. Retrieved from https://arxiv.org/abs/1809.06962
[8]
Z. Berkay Celik, Gang Tan, and Patrick McDaniel. 2019. IOTGUARD: Dynamic enforcement of security and safety policy in commodity IoT. In Proceedings of the Network and Distributed System Security Symposium (NDSS ’19).
[9]
Christian Cervantes, Diego Poplade, Michele Nogueira, and Aldri Santos. 2015. Detection of sinkhole attacks for supporting secure routing on 6LoWPAN for Internet of Things. In Proceedings of the IFIP/IEEE International Symposium on Integrated Network Management. IEEE, 606–611.
[10]
Tony Cheneau. 2013. SimpleRPL. Retrieved from https://github.com/tcheneau/simpleRPL
[11]
Tamara Denning, Tadayoshi Kohno, and Henry M. Levy. 2013. Computer security and the modern home. ACM Communications 56, 1 (2013), 94–103.
[12]
Laura Marie Feeney and Martin Nilsson. 2001. Investigating the energy consumption of a wireless network interface in an Ad Hoc networking environment. In Proceedings of the IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No. 01CH37213), Vol. 3. IEEE, 1548–1557.
[13]
Earlence Fernandes, Jaeyeon Jung, and Atul Prakash. 2016. Security analysis of emerging smart home applications. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE, 636–654.
[14]
Earlence Fernandes, Amir Rahmati, Jaeyeon Jung, and Atul Prakash. 2018. Decentralized action integrity for trigger-action IoT platforms. In Proceedings of the Network and Distributed Security Symposium (NDSS ’18).
[15]
Weijia He, Maximilian Golla, Roshni Padhi, Jordan Ofek, Markus Dürmuth, Earlence Fernandes, and Blase Ur. 2018. Rethinking access control and authentication for the home Internet of Things (IoT). In Proceedings of the 27th USENIX Security Symposium. 255–272.
[16]
Scott Hilton. 2016. Dyn Analysis Summary of Friday October 21 Attack. Retrieved from https://dyn.com/blog/dyn-analysis-summary-of-friday-october-21-attack
[17]
Ionut Ilascu. 2018. IoT Botnets Responsible for More Powerful DDoS Attacks. Retrieved from https://www.bitdefender.com/box/blog/iot-news/iot-botnets-responsible-powerful-ddos-attacks/
[18]
Dimitris N. Kalofonos and Saad Shakhshir. 2007. IntuiSec: A framework for intuitive user interaction with smart home security using mobile devices. In Proceedings of the IEEE 18th International Symposium on Personal, Indoor and Mobile Radio Communications. IEEE, 1–5.
[19]
Won Min Kang, Seo Yeon Moon, and Jong Hyuk Park. 2017. An enhanced security framework for home appliances in smart home. Human-centric Computing and Information Sciences, 1–6.
[20]
S. Kent and R. Atkinson. 2015. RFC 2401: Security Architecture for the Internet Protocol. Retrieved from https://www.rfc-editor.org/rfc/rfc2401.html
[21]
Pardeep Kumar, An Braeken, Andrei Gurtov, Jari Iinatti, and Phuong Ha. 2017. Anonymous secure framework in connected smart home environments. IEEE Transactions on Information Forensics and Security, 968–979.
[22]
Shrirang Mare, Logan Girvin, Franziska Roesner, and Tadayoshi Kohno. 2019. Consumer smart homes: Where we are and where we need to go. In Proceedings of the 20th International Workshop on Mobile Computing Systems and Applications. ACM, 117–122.
[23]
Jelena Mirkovic and Peter Reiher. 2005. D-WARD: A source-end defense against flooding denial-of-service attacks. IEEE transactions on Dependable and Secure Computing 2, 3 (2005), 216–232.
[24]
R. Moskowitz and P. Nikander. 2015. RFC 4423: Host Identity Protocol Architecture. Retrieved from https://datatracker.ietf.org/doc/html/draft-ietf-hip-arch
[25]
Ricardo Neisse, Gary Steri, and Gianmarco Baldini. 2014. Enforcement of security policy rules for the Internet of Things. In Proceedings of the IEEE 10th International Conference on Wireless and Mobile Computing. IEEE, 165–172.
[26]
Sukhvir Notra, Muhammad Siddiqi, Hassan Habibi Gharakheili, Vijay Sivaraman, and Roksana Boreli. 2014. An experimental study of security and privacy risks with emerging household appliances. In Proceedings of the IEEE Conference on Communications and Network Security. IEEE, 79–84.
[27]
Vern Paxson. 1999. Bro: A system for detecting network intruders in real-time. Computer Networks 31, 23-24 (1999), 2435–2463. Retrieved from http://www.icir.org/vern/papers/bro-CN99.pdf
[28]
Amir Rahmati, Earlence Fernandes, Kevin Eykholt, and Atul Prakash. 2018. Tyche: A risk-based permission model for smart homes. In Proceedings of the IEEE Cybersecurity Development (SecDev ’18). IEEE, 29–36.
[29]
Shailendra Rathore, Jong Hyuk Park, and Hangbae Chang. 2021. Deep learning and blockchain-empowered security framework for intelligent 5G-Enabled IoT. IEEE Access 9 (2021), 90075–90083.
[30]
Shahid Raza, Linus Wallgren, and Thiemo Voigt. 2013. SVELTE: Real-time intrusion detection in the Internet of Things. Ad hoc Networks 11, 8 (2013), 2661–2674.
[31]
Rodrigo Roman, Jianying Zhou, and Javier Lopez. 2006. Applying intrusion detection systems to wireless sensor networks. In Proceedings of the IEEE Consumer Communications & Networking Conference. IEEE, 640–644.
[32]
Anuj Sehgal, Vladislav Perelman, Siarhei Kuryla, and Jurgen Schonwalder. 2012. Management of resource constrained devices in the Internet of Things. IEEE Communications Magazine 50, 12 (2012).
[33]
Amit Kumar Sikder, Leonardo Babun, and A Selcuk Uluagac. 2021. Aegis+ A context-aware platform-independent security framework for smart home systems. Digital Threats: Research and Practice 2, 1 (2021), 1–33.
[34]
Anna Kornfeld Simpson, Franziska Roesner, and Tadayoshi Kohno. 2017. Securing vulnerable home IoT devices with an in-hub security manager. In Proceedings of the IEEE International Conference on Pervasive Computing and Communications Workshops. IEEE, 551–556.
[35]
Devkishen Sisodia, Samuel Mergendahl, Jun Li, and Hasan Cam. 2018. Securing the smart home via a two-mode security framework. In Proceedings of the 14th EAI International Conference on Security and Privacy in Communication Networks (SecureComm ’18). Springer, 22–42.
[36]
Vijay Sivaraman, Hassan Habibi Gharakheili, Clinton Fernandes, Narelle Clark, and Tanya Karliychuk. 2018. Smart IoT devices in the home: Security and privacy implications. IEEE Technology and Society Magazine 37, 2 (2018), 71–79.
[37]
Julie Song. 2019. The Realities Of Smart City Development. Retrieved from https://www.forbes.com/sites/forbestechcouncil/2019/05/14/the-realities-of-smart-city-development
[38]
OSSEC Project Team. 2019. OSSEC: Open Source HIDS SECurity. Retrieved from https://ossec.github.io/index.html
[39]
Linus Wallgren, Shahid Raza, and Thiemo Voigt. 2013. Routing attacks and countermeasures in the RPL-based Internet of Things. International Journal of Distributed Sensor Networks 9, 8 (2013), 1–11.
[40]
T. Winter, P. Thubert, A. Brandt, J. W. Hui, and R. Kelsey. 2012. RFC 6550: RPL: IPv6 Routing Protocol for Low-power and Lossy Networks. Retrieved from https://tools.ietf.org/html/rfc6550
Index Terms
- A Two-Mode, Adaptive Security Framework for Smart Home Security Applications
Recommendations
Security in smart home environment: issues, challenges, and countermeasures - a survey
The accelerated spread of the IoT and rapid development of modern communication networks and technologies have connected the physical world with computational elements in the smart home environment. The smart home is based on IoT technology which ...
Study of the Different Security Threats on the Internet of Things and their Applications
NISS '19: Proceedings of the 2nd International Conference on Networking, Information Systems & SecurityThe Internet of Things is one of the revolutions of the industry 4.0. It will change our lives mode. It will be present in every domain: healthcare, transportation, at home, agriculture generally in the city. Everyone will be connected to the Internet ...
Security Threats and Possible Countermeasures in IoT Applications Covering Different Industry Domains
ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and SecurityThe world is witnessing the emerging role of Internet of Things (IoT) as a technology that is transforming different industries, global community and its economy. Currently a plethora of interconnected smart devices have been deployed for diverse ...
Comments
Information & Contributors
Information
Published In
May 2024
214 pages
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Publisher
Association for Computing Machinery
New York, NY, United States
Journal Family
Publication History
Published: 24 February 2024
Online AM: 17 November 2023
Accepted: 31 May 2023
Revised: 07 March 2023
Received: 30 November 2021
Published in TIOT Volume 5, Issue 2
Check for updates
Author Tags
Qualifiers
- Research-article
Funding Sources
- Science and Technology Directorate of the United States Department of Homeland Security
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 332Total Downloads
- Downloads (Last 12 months)332
- Downloads (Last 6 weeks)38
Reflects downloads up to 12 Sep 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in