Securing Internet of Things (IoT) devices and protecting their applications from privacy leaks is a challenge, due to their weak (computational and storage) capabilities, and their proximity with sensitive data. Considering the resource-constrains of such devices, their long lifetime, and the intermittent connections, classical security approaches are often too difficult or impractical to apply. Moving Target Defense is an established technique whose goal is to lower the attack surface to malicious users by constantly modifying device footprint. Changing the address to an IoT device without privacy leaks is, however, a non-trivial task. In this paper, we propose a novel method to perform a network-wide (IP and MAC) address shuffling procedure, called Address Shuffling Algorithm with HMAC (AShA), which is simple to implement, and whose network overhead is minimal. To demonstrate its effectiveness, we analyze our approach via theoretical analysis and simulations. Our analysis shows how AShA parameters can be adapted to various network sizes while our simulations results show how AShA can be used to successfully perform a global collision-free address renewal on networks of more than 2000 nodes using 16-bit addresses.

IoT Security via Address Shuffling: the Easy Way / Francesca Nizzi, Tommaso Pecorella, Flavio Esposito, Laura Pierucci, Romano Fantacci.. - In: IEEE INTERNET OF THINGS JOURNAL. - ISSN 2327-4662. - STAMPA. - 6:(2019), pp. 3764-3774. [10.1109/JIOT.2019.2892003]

IoT Security via Address Shuffling: the Easy Way

Francesca Nizzi;Tommaso Pecorella;Laura Pierucci;Romano Fantacci.
2019

Abstract

Securing Internet of Things (IoT) devices and protecting their applications from privacy leaks is a challenge, due to their weak (computational and storage) capabilities, and their proximity with sensitive data. Considering the resource-constrains of such devices, their long lifetime, and the intermittent connections, classical security approaches are often too difficult or impractical to apply. Moving Target Defense is an established technique whose goal is to lower the attack surface to malicious users by constantly modifying device footprint. Changing the address to an IoT device without privacy leaks is, however, a non-trivial task. In this paper, we propose a novel method to perform a network-wide (IP and MAC) address shuffling procedure, called Address Shuffling Algorithm with HMAC (AShA), which is simple to implement, and whose network overhead is minimal. To demonstrate its effectiveness, we analyze our approach via theoretical analysis and simulations. Our analysis shows how AShA parameters can be adapted to various network sizes while our simulations results show how AShA can be used to successfully perform a global collision-free address renewal on networks of more than 2000 nodes using 16-bit addresses.
2019
6
3764
3774
Francesca Nizzi, Tommaso Pecorella, Flavio Esposito, Laura Pierucci, Romano Fantacci.
File in questo prodotto:
File Dimensione Formato  
IoT_Security_via_Address_Shuffling_The_Easy_Way.pdf

Accesso chiuso

Tipologia: Pdf editoriale (Version of record)
Licenza: Tutti i diritti riservati
Dimensione 1.13 MB
Formato Adobe PDF
1.13 MB Adobe PDF   Richiedi una copia

I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificatore per citare o creare un link a questa risorsa: https://hdl.handle.net/2158/1144709
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 40
  • ???jsp.display-item.citation.isi??? 29
social impact