Securing Internet of Things (IoT) devices and protecting their applications from privacy leaks is a challenge, due to their weak (computational and storage) capabilities, and their proximity with sensitive data. Considering the resource-constrains of such devices, their long lifetime, and the intermittent connections, classical security approaches are often too difficult or impractical to apply. Moving Target Defense is an established technique whose goal is to lower the attack surface to malicious users by constantly modifying device footprint. Changing the address to an IoT device without privacy leaks is, however, a non-trivial task. In this paper, we propose a novel method to perform a network-wide (IP and MAC) address shuffling procedure, called Address Shuffling Algorithm with HMAC (AShA), which is simple to implement, and whose network overhead is minimal. To demonstrate its effectiveness, we analyze our approach via theoretical analysis and simulations. Our analysis shows how AShA parameters can be adapted to various network sizes while our simulations results show how AShA can be used to successfully perform a global collision-free address renewal on networks of more than 2000 nodes using 16-bit addresses.
IoT Security via Address Shuffling: the Easy Way / Francesca Nizzi, Tommaso Pecorella, Flavio Esposito, Laura Pierucci, Romano Fantacci.. - In: IEEE INTERNET OF THINGS JOURNAL. - ISSN 2327-4662. - STAMPA. - 6:(2019), pp. 3764-3774. [10.1109/JIOT.2019.2892003]
IoT Security via Address Shuffling: the Easy Way
Francesca Nizzi;Tommaso Pecorella;Laura Pierucci;Romano Fantacci.
2019
Abstract
Securing Internet of Things (IoT) devices and protecting their applications from privacy leaks is a challenge, due to their weak (computational and storage) capabilities, and their proximity with sensitive data. Considering the resource-constrains of such devices, their long lifetime, and the intermittent connections, classical security approaches are often too difficult or impractical to apply. Moving Target Defense is an established technique whose goal is to lower the attack surface to malicious users by constantly modifying device footprint. Changing the address to an IoT device without privacy leaks is, however, a non-trivial task. In this paper, we propose a novel method to perform a network-wide (IP and MAC) address shuffling procedure, called Address Shuffling Algorithm with HMAC (AShA), which is simple to implement, and whose network overhead is minimal. To demonstrate its effectiveness, we analyze our approach via theoretical analysis and simulations. Our analysis shows how AShA parameters can be adapted to various network sizes while our simulations results show how AShA can be used to successfully perform a global collision-free address renewal on networks of more than 2000 nodes using 16-bit addresses.File | Dimensione | Formato | |
---|---|---|---|
IoT_Security_via_Address_Shuffling_The_Easy_Way.pdf
Accesso chiuso
Tipologia:
Pdf editoriale (Version of record)
Licenza:
Tutti i diritti riservati
Dimensione
1.13 MB
Formato
Adobe PDF
|
1.13 MB | Adobe PDF | Richiedi una copia |
I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.