AntibIoTic: : The Fog-enhanced distributed security system to protect the (legacy) Internet of Things
Abstract
The Internet of Things (IoT) is evolving our society; however, the growing adoption of IoT devices in many scenarios brings security and privacy implications. Current security solutions are either unsuitable for every IoT scenario or provide only partial security. This paper presents AntibIoTic 2.0, a distributed security system that relies on Fog computing to secure IoT devices, including legacy ones. The system is composed of a backbone, made of core Fog nodes and Cloud server, a Fog node acting at the edge as the gateway of the IoT network, and a lightweight agent running on each IoT device. The proposed system offers fine-grained, host-level security coupled with network-level protection, while its distributed nature makes it scalable, versatile, lightweight, and easy to deploy, also for legacy IoT deployments. AntibIoTic 2.0 can also publish anonymized and aggregated data and statistics on the deployments it secures, to increase awareness and push cooperations in the area of IoT security. This manuscript recaps and largely expands previous works on AntibIoTic, providing an enhanced design of the system, an extended proof-of-concept that proves its feasibility and shows its operation, and an experimental evaluation that reports the low computational overhead it causes.
References
[1]
T. Abera, N. Asokan, L. Davi, F. Koushanfar, A. Paverd, A.-R. Sadeghi and G. Tsudik, Things, trouble, trust: On building trust in IoT systems, in: Proceedings of the 53rd Annual Design Automation Conference, 2016, pp. 1–6.
[2]
M.A. Al-Garadi, A. Mohamed, A. Al-Ali, X. Du, I. Ali and M. Guizani, A survey of machine and deep learning methods for Internet of Things (IoT) security, IEEE Communications Surveys & Tutorials (2020).
[3]
M. Al-Hawawreh, F. den Hartog and E. Sitnikova, Targeted ransomware: A new cyber threat to edge system of brownfield industrial Internet of Things, IEEE Internet of Things Journal 6(4) (2019), 7137–7151, https://ieeexplore.ieee.org/abstract/document/8703829.
[4]
S. Aldhaheri, D. Alghazzawi, L. Cheng, A. Barnawi and B.A. Alzahrani, Artificial immune systems approaches to secure the Internet of things: A systematic review of the literature and recommendations for future research, Journal of Network and Computer Applications 157 (2020), 102537.
[5]
S. Alharbi, P. Rodriguez, R. Maharaja, P. Iyer, N. Bose and Z. Ye, FOCUS: A Fog computing-based security system for the Internet of Things, in: Proceedings of the 15th Consumer Communications & Networking Conference (CCNC), IEEE, 2018, pp. 1–5, ISSN 2331-9860.
[6]
K. Alieyan, A. Almomani, R. Abdullah, B. Almutairi and M. Alauthman, Botnet and Internet of Things (IoTs): A definition, taxonomy, challenges, and future directions, in: Security, Privacy, and Forensics Issues in Big Data, IGI Global, 2020, pp. 304–316.
[7]
M.N. Aman, M.H. Basheer, S. Dash, J.W. Wong, J. Xu, H.W. Lim and B. Sikdar, HAtt: Hybrid remote attestation for the Internet of things with high availability, IEEE Internet of Things Journal (2020).
[8]
M. Ammar, B. Crispo and G. Tsudik, SIMPLE: A remote attestation approach for resource-constrained IoT devices, in: Proceedings of the 11th International Conference on Cyber-Physical Systems (ICCPS), IEEE, 2020, pp. 247–258.
[9]
I. Anastasov and D. Davcev, SIEM implementation for global and distributed environments, in: Proceedings of the World Congress on Computer Applications and Information Systems (WCCAIS), IEEE, 2014, pp. 1–6.
[10]
J. Arshad, M.A. Azad, M.M. Abdeltaif and K. Salah, An intrusion detection framework for energy constrained IoT devices, Mechanical Systems and Signal Processing 136 (2020), 106436.
[11]
K. Ashton et al., That ‘Internet of Things’ thing, RFID journal 22(7) (2009), 97–114.
[12]
M. Aslam, B. Mohsin, A. Nasir and S. Raza, FoNAC – An automated Fog node audit and certification scheme, Computers & Security 93 (2020), 101759.
[13]
I.S. Association, 1934–2018-IEEE Standard for Adoption of OpenFog Reference Architecture for Fog Computing, 2018, https://ieeexplore.ieee.org/document/8423800.
[14]
L. Atzori, A. Iera and G. Morabito, The Internet of Things: A survey, Computer networks 54(15) (2010), 2787–2805.
[15]
S. Bhatt, P.K. Manadhata and L. Zomlot, The operational role of security information and event management systems, IEEE security & Privacy 12(5) (2014), 35–41.
[16]
F. Bonomi, R. Milito, J. Zhu and S. Addepalli, Fog computing and its role in the Internet of Things, in: Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, 2012, pp. 13–16.
[17]
C. Bormann, M. Ersue and A. Keranen, Terminology for Constrained-Node Networks, Internet Engineering Task Force (IETF), Request for Comments: 7229 (2014), https://tools.ietf.org/html/rfc7228.
[18]
C. EU Parliament, Directive of the European Parliament and of the Council of 12 August 2013 on Attacks Against Information Systems and Replacing Council Framework Decision 2005/222/JHA, Vol. 218, 2013, https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32013L0040&from=EN [Accessed on July 15th, 2020].
[19]
Cisco, Cisco Visual Networking Index: Forecast and Trends, 2017–2022, Technical Report, 2018, https://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networking-index-vni/white-paper-c11-741490.pdf.
[20]
F. Concone, G.L. Re and M. Morana, A Fog-based application for human activity recognition using personal smart devices, ACM Transactions on Internet Technology (TOIT) 19(2) (2019), 1–20.
[21]
I.I. Consortium, Industrial Internet of Things Volume G4: Security Framework, Technical Report, 2016, https://www.iiconsortium.org/IISF.htm.
[22]
I.I. Consortium, The Industrial Internet of Things Volume G1: Reference Architecture, Technical Report, 2019, https://www.iiconsortium.org/IIRA.htm.
[23]
M. Dabbaghjamanesh, A. Kavousi-Fard and Z. Dong, A novel distributed Cloud-Fog based framework for energy management of networked microgrids, IEEE Transactions on Power Systems (2020).
[24]
M. De Donno, AntibIoTic 2 0 – Demo [Video], 2020, https://youtu.be/xiIKLREo3vY.
[25]
M. De Donno, AntibIoTic [source code], 2020, https://github.com/michele-dedonno/AntibIoTic.
[26]
M. De Donno and N. Dragoni, Combining AntibIoTic with Fog computing: Antibiotic 2.0, in: Proceeding of the 3rd International Conference on Fog and Edge Computing (ICFEC), IEEE, 2019, pp. 1–6.
[27]
M. De Donno, N. Dragoni, A. Giaretta and M. Mazzara, AntibIoTic: Protecting IoT devices against DDoS attacks, in: International Conference in Software Engineering for Defence Applications, Springer, 2016, pp. 59–72.
[28]
M. De Donno, N. Dragoni, A. Giaretta and A. Spognardi, Analysis of DDoS-capable IoT malwares, in: Proceedings of the Federated Conference on Computer Science and Information Systems (FedCSIS), IEEE, 2017, pp. 807–816.
[29]
M. De Donno, N. Dragoni, A. Giaretta and A. Spognardi, DDoS-capable IoT malwares: Comparative analysis and Mirai investigation, Security and Communication Networks 2018 (2018), 7178164.
[30]
M. De Donno, J.M.D. Felipe and N. Dragoni, ANTIBIOTIC 2.0: A fog-based anti-malware for Internet of Things, in: Proceedings of the European Symposium on Security and Privacy Workshops (EuroS&PW), IEEE, 2019, pp. 11–20.
[31]
M. De Donno, K. Tange and N. Dragoni, Foundations and evolution of modern computing paradigms: Cloud, IoT, edge, and Fog, IEEE Access 7 (2019), 150936–150948.
[32]
C.A. de Souza, C.B. Westphall, R.B. Machado, J.B.M. Sobral and G. dos Santos Vieira, Hybrid approach to intrusion detection in Fog-based IoT environments, Computer Networks 180 (2020), 107417.
[33]
N. Dragoni, A. Giaretta and M. Mazzara, The Internet of Hackable Things, in: Proceedings of the 5th International Conference in Software Engineering for Defence Applications, P. Ciancarini, S. Litvinov, A. Messina, A. Sillitti and G. Succi, eds, Springer, 2017, pp. 129–140. ISBN 978-3-319-70578-1.
[34]
E.T.C.C.S. (CYBER), Cyber Security for Consumer Internet of Things: Baseline Requirements, Technical Report, 2020, shorturl.at/fvGK4.
[35]
R. El-Awadi, A. Fernández-Vilas and R.P.D. Redondo, Fog computing solution for distributed anomaly detection in smart grids, in: Proceedings of the International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), IEEE, 2019, pp. 348–353.
[36]
M.F. Elrawy, A.I. Awad and H.F. Hamed, Intrusion detection systems for IoT-based smart anvironments: A survey, Journal of Cloud Computing 7(1) (2018), 21.
[37]
X. Fafoutis, L. Marchegiani, A. Elsts, J. Pope, R. Piechocki and I. Craddock, Extending the battery lifetime of wearable sensors with embedded machine learning, in: Proceedings of the 4th World Forum on Internet of Things (WF-IoT), 2018, pp. 269–274.
[38]
M. Favaretto, T. Tran Anh, J. Kavaja, M. De Donno and N. Dragoni, When the price is your privacy: A security analysis of two cheap IoT devices, in: Proceedings of 6th International Conference in Software Engineering for Defence Applications, P. Ciancarini, M. Mazzara, A. Messina, A. Sillitti and G. Succi, eds, Springer International Publishing, 2020, pp. 55–75.
[39]
A.B. Feroz Khan and G. Anandharaj, The embedded framework for securing the Internet of Things, Journal of Engineering Research 9 (2021), 139–148.
[40]
A.B. Feroz Khan and G. Anandharaj, A multi-layer security approach for DDoS detection in Internet of Things, International Journal of Intelligent Unmanned Systems 9 (2021), 178–191.
[41]
L. Ferretti, M. Marchetti and M. Colajanni, Fog-based secure communications for low-power IoT devices, ACM Transactions on Internet Technology (TOIT) 19(2) (2019), 1–21.
[42]
A. Giaretta, M. De Donno and N. Dragoni, Adding salt to pepper: A structured security assessment over a humanoid robot, in: Proceedings of the 13th International Conference on Availability, Reliability and Security, 2018, pp. 1–8.
[43]
M.S. Giri, B. Gaur and D. Tomar, A survey on data integrity techniques in Cloud computing, International Journal of Computer Applications 122(2) (2015), 27–32.
[44]
R. Goyal, N. Dragoni and A. Spognardi, Mind the tracker you wear: A security analysis of wearable health trackers, in: Proceedings of the 31st Annual ACM Symposium on Applied Computing, SAC ’16, ACM, 2016, pp. 131–136. ISBN 978-1-4503-3739-7.
[45]
O.C.A.W. Group, OpenFog Reference Architecture for Fog computing, Technical Report, 2017, https://iiconsortium.org/pdf/OpenFog_Reference_Architecture_2_09_17.pdf.
[46]
F. Hosseinpour, P. Vahdani Amoli, J. Plosila, T. Hämäläinen and H. Tenhunen, An intrusion detection system for fog computing and IoT based logistic systems using a smart data approach, International Journal of Digital Content Technology and its Applications 10 (2016), 34–46, https://jyx.jyu.fi/handle/123456789/54088.
[47]
Y. Jin, Towards hardware-assisted security for IoT systems, in: Proceeding of the Computer Society Annual Symposium on VLSI (ISVLSI), IEEE, 2019, pp. 632–637.
[48]
S.J. Johnston, M. Apetroaie-Cristea, M. Scott and S.J. Cox, Applicability of commodity, low cost, single board computers for Internet of Things devices, in: Proceedings of the 3rd World Forum on Internet of Things (WF-IoT), IEEE, 2016, pp. 141–146.
[49]
K. Kaur and M. Sachdeva, Fog computing in IoT: An overview of new opportunities, in: Proceedings of ICETIT 2019, Springer, 2020, pp. 59–68.
[50]
L. Khalid, Internet of Things (IoT), in: Software Architecture for Business, Springer, 2020, pp. 107–127.
[51]
H. Kim, E.A. Lee and S. Dustdar, Creating a resilient IoT with edge computing, Computer 52(8) (2019), 43–53.
[52]
D.E. Kouicem, A. Bouabdallah and H. Lakhlef, Internet of things security: A top-down survey, Computer Networks 141 (2018), 199–221.
[53]
Y. Lai, F. Yang, L. Zhang and Z. Lin, Distributed public vehicle system based on Fog nodes and vehicular sensing, IEEE Access 6 (2018), 22011–22024.
[54]
F. Liu, J. Tong, J. Mao, R. Bohn, J. Messina, L. Badger and D. Leaf, NIST Cloud Computing Reference Architecture, Technical Report, 2011.
[55]
F. Meneghello, M. Calore, D. Zucchetto, M. Polese and A. Zanella, IoT: Internet of Threats? A survey of practical security vulnerabilities in real IoT devices, IEEE Internet of Things Journal 6(5) (2019), 8182–8201.
[56]
N. Neshenko, E. Bou-Harb, J. Crichigno, G. Kaddoum and N. Ghani, Demystifying IoT security: An exhaustive survey on IoT vulnerabilities and a first empirical look on Internet-scale IoT exploitations, IEEE Communications Surveys & Tutorials 21(3) (2019), 2702–2733.
[57]
T.H. News, Dark Nexus: A New Emerging IoT Botnet Malware Spotted in the Wild, 2020, https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html [Accessed on July 1st, 2020].
[58]
T.H. News, Mukashi: A New Mirai IoT Botnet Variant Targeting Zyxel NAS Devices, 2020, https://thehackernews.com/2020/03/zyxel-mukashi-mirai-iot-botnet.html [Accessed on July 1st, 2020].
[59]
Nexusguard, DDoS Threat Report 2020 Q1, Technical Report, 2020, https://blog.nexusguard.com/threat-report/ddos-threat-report-2020-q1.
[60]
B.A. Ng and S. Selvakumar, Anomaly detection framework for Internet of things traffic using vector convolutional deep learning approach in fog environment, Future Generation Computer Systems 113 (2020), 255–265.
[61]
Q.-D. Ngo, H.-T. Nguyen, L.-C. Nguyen and D.-H. Nguyen, A survey of IoT malware and detection methods based on static features, ICT Express (2020).
[62]
B. Paharia and K. Bhushan, Fog computing as a defensive approach against distributed denial of service (DDoS): A proposed architecture, in: Proceedings of the 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT), IEEE, 2018, pp. 1–7.
[63]
W. Razouk, D. Sgandurra and K. Sakurai, A new security middleware architecture based on fog computing and cloud to support IoT constrained devices, in: Proceedings of the 1st International Conference on Internet of Things and Machine Learning, 2017, pp. 1–8.
[64]
R. Roman, R. Rios, J.A. Onieva and J. Lopez, Immune system for the Internet of things using edge technologies, IEEE Internet of Things Journal 6(3) (2018), 4774–4781.
[65]
A. Samy, H. Yu and H. Zhang, Fog-based attack detection framework for Internet of Things using deep learning, IEEE Access 8 (2020), 74571–74585.
[66]
D. Sehrawat and N.S. Gill, Smart sensors: Analysis of different types of IoT sensors, in: Proceedings of the 3rd International Conference on Trends in Electronics and Informatics (ICOEI), IEEE, 2019, pp. 523–528.
[67]
G. Selander, J. Mattsson, F. Palombini and L. Seitz, Object Security for Constrained RESTful Environments (OSCORE), Work in Progress (2019), https://www.hjp.at/doc/rfc/rfc8613.html.
[68]
J. Sengupta, S. Ruj and S.D. Bit, A secure Fog based architecture for industrial Internet of Things and industry 4.0, IEEE Transactions on Industrial Informatics (2020).
[69]
D. Soukup, O. Hujňák, S. Štefunko, R. Krejčíand and E. Grešák, Security framework for IoT and Fog computing networks, in: Proceedings of the 3rd International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC), IEEE, 2019, pp. 87–92.
[70]
Statista, Internet of Things (IoT) connected devices installed base worldwide from 2015 to 2025 (in billions), 2016, https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide/ [Accessed on June 29th, 2020].
[71]
A. Sunyaev, The Internet of Things, in: Internet Computing, Springer, 2020, pp. 301–337.
[72]
SYSGO, PikeOS Certified Hypervisor, 2020, https://www.sysgo.com/products/pikeos-hyperviso [Accessed on August 14th, 2020].
[73]
P. Woznowski, A. Burrows, T. Diethe, X. Fafoutis, J. Hall, S. Hannuna, M. Camplani, N. Twomey, M. Kozlowski, B. Tan, N. Zhu, A. Elsts, A. Vafeas, A. Paiement, L. Tao, M. Mirmehdi, T. Burghardt, D. Damen, P. Flach, R. Piechocki, I. Craddock and G. Oikonomou, SPHERE: A sensor platform for healthcare in a residential environment, in: Designing, Developing, and Facilitating Smart Cities, Springer, 2017, pp. 315–333.
[74]
L. Zhou, H. Guo and G. Deng, A fog computing based approach to DDoS mitigation in IIoT systems, Computers & Security 85 (2019), 51–62.
Index Terms
- AntibIoTic: The Fog-enhanced distributed security system to protect the (legacy) Internet of Things
Index terms have been assigned to the content through auto-classification.
Recommendations
Lightweight Cybersecurity Schemes Using Elliptic Curve Cryptography in Publish-Subscribe fog Computing
The rapid growth of connected things across the globe has been brought about by the deployment of the Internet of things (IoTs) at home, in organizations and industries. The innovation of smart things is envisioned through various protocols, but the ...
A review of the various applications and security issues in IoT and its future aspects
In the era of the internet revolutionaries' physical objects exchange data through technology. As a result, there is an exponential increase in the number of devices now connected to the internet. Devices such as smart televisions, smartphones and ...
Fog computing security and privacy for the Internet of Thing applications: State‐of‐the‐art
AbstractFog nodes are implemented near to end‐users Internet of Things (IoT) devices, which mitigate the impact of low latency, location awareness, and geographic distribution unsupported features of many IoT applications. Moreover, Fog computing ...
Comments
Information & Contributors
Information
Published In
© 2022 – IOS Press. All rights reserved.
Publisher
IOS Press
Netherlands
Publication History
Published: 01 January 2022
Author Tags
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 09 Feb 2025