Abstract
The growth of the Internet of Things (IoT) is contributing to the rise in cyber attacks on the Internet. Unfortunately, the resource-constrained IoT devices and their networks make many traditional security systems less effective or inapplicable. We present TWINKLE, a framework for smart home environments that considers the unique properties of IoT networks. TWINKLE utilizes a two-mode adaptive security model that allows an IoT device to be in regular mode for most of the time which incurs a low resource consumption rate and only when suspicious behavior is detected, switch to vigilant mode which potentially incurs a higher overhead. We show the efficacy of TWINKLE in two case studies that address two types of attacks: distributed denial-of-service (DDoS) and sinkhole attacks. We examine two existing intrusion detection and prevention systems and transform both into new, improved systems using TWINKLE. Our evaluations show that TWINKLE is not only friendly to resource-constrained devices, but can also successfully detect and prevent the two types of attacks, with a significantly lower overhead and detection latency than the existing systems.
This project is in part the result of funding provided by the Science and Technology Directorate of the United States Department of Homeland Security under contract number D15PC00204. The views and conclusions contained herein are those of the authors and should not be interpreted necessarily representing the official policies or endorsements, either expressed or implied, of the Department of Homeland Security or the US Government.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abduvaliyev, A., Pathan, A.S.K., Zhou, J., Roman, R., Wong, W.C.: On the vital areas of intrusion detection systems in wireless sensor networks. IEEE Commun. Surv. Tutor. 15(3), 1223–1237 (2013)
Abie, H., Balasingham, I.: Risk-based adaptive security for smart IoT in eHealth. In: Proceedings of the 7th International Conference on Body Area Networks, pp. 269–275. ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering) (2012)
Bernal Bernabe, J., Hernández, J.L., Moreno, M.V., Skarmeta Gomez, A.F.: Privacy-preserving security framework for a social-aware Internet of Things. In: Hervás, R., Lee, S., Nugent, C., Bravo, J. (eds.) UCAmI 2014. LNCS, vol. 8867, pp. 408–415. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13102-3_67
Cervantes, C., Poplade, D., Nogueira, M., Santos, A.: Detection of sinkhole attacks for supporting secure routing on 6LoWPAN for Internet of Things. In: IFIP/IEEE International Symposium on Integrated Network Management, pp. 606–611. IEEE (2015)
Denning, T., Kohno, T., Levy, H.M.: Computer security and the modern home. ACM Commun. 56(1), 94–103 (2013)
Fernandes, E., Jung, J., Prakash, A.: Security analysis of emerging smart home applications. In: IEEE Symposium on Security and Privacy, pp. 636–654. IEEE (2016)
Hilton, S.: Dyn analysis summary of Friday October 21 attack (2016). https://dyn.com/blog/dyn-analysis-summary-of-friday-october-21-attack/
IETF: Routing over low power and lossy networks (2012)
Kalofonos, D.N., Shakhshir, S.: Intuisec: a framework for intuitive user interaction with smart home security using mobile devices. In: IEEE 18th International Symposium on Personal, Indoor and Mobile Radio Communications, pp. 1–5. IEEE (2007)
Kang, W.M., Moon, S.Y., Park, J.H.: An enhanced security framework for home appliances in smart home. Human-cent. Comput. Inf. Sci. 7(1), 6 (2017)
Kumar, P., Braeken, A., Gurtov, A., Iinatti, J., Ha, P.: Anonymous secure framework in connected smart home environments. IEEE Trans. Inf. Forensics Secur. 12, 968–979 (2017)
van der Meulen, R.: Gartner says 6.4 billion connected “things” will be in use in 2016, up 30 percent from 2015 (2015). http://www.gartner.com/newsroom/id/3165317
Mirkovic, J., Reiher, P.: D-ward: a source-end defense against flooding denial-of-service attacks. IEEE Trans. Dependable Secure Comput. 2(3), 216–232 (2005)
Neisse, R., Steri, G., Baldini, G.: Enforcement of security policy rules for the internet of things. In: IEEE 10th International Conference on Wireless and Mobile Computing, pp. 165–172. IEEE (2014)
Nordrum, A.: Popular internet of things forecast of 50 billion devices by 2020 is outdated (2016). http://spectrum.ieee.org/tech-talk/telecom/internet/popular-internet-of-things-forecast-of-50-billion-devices-by-2020-is-outdated
Notra, S., Siddiqi, M., Gharakheili, H.H., Sivaraman, V., Boreli, R.: An experimental study of security and privacy risks with emerging household appliances. In: IEEE Conference on Communications and Network Security, pp. 79–84. IEEE (2014)
Raza, S., Wallgren, L., Voigt, T.: SVELTE: real-time intrusion detection in the internet of things. Ad hoc Netw. 11(8), 2661–2674 (2013)
Roman, R., Zhou, J., Lopez, J.: Applying intrusion detection systems to wireless sensor networks. In: IEEE Consumer Communications & Networking Conference (CCNC 2006) (2006)
Sehgal, A., Perelman, V., Kuryla, S., Schonwalder, J.: Management of resource constrained devices in the internet of things. IEEE Commun. Mag. 50(12), 144–149 (2012)
Simpson, A.K., Roesner, F., Kohno, T.: Securing vulnerable home IoT devices with an in-hub security manager. In: IEEE International Conference on Pervasive Computing and Communications Workshops, pp. 551–556. IEEE (2017)
Team, O.P.: Ossec: open source hids security (2010–2017). https://ossec.github.io/index.html
Wallgren, L., Raza, S., Voigt, T.: Routing attacks and countermeasures in the RPL-based internet of things. Int. J. Distrib. Sens. Netw. 9(8), 794326 (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Sisodia, D., Mergendahl, S., Li, J., Cam, H. (2018). Securing the Smart Home via a Two-Mode Security Framework. In: Beyah, R., Chang, B., Li, Y., Zhu, S. (eds) Security and Privacy in Communication Networks. SecureComm 2018. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 254. Springer, Cham. https://doi.org/10.1007/978-3-030-01701-9_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-01701-9_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-01700-2
Online ISBN: 978-3-030-01701-9
eBook Packages: Computer ScienceComputer Science (R0)