Shielding IoT against Cyber-Attacks: An Event-Based Approach Using SIEM
Due to the growth of IoT (Internet of Things) devices in different industries and markets in recent years and considering the currently insufficient protection for these devices, a security solution safeguarding IoT architectures is highly desirable. An interesting perspective for the development of se...
- Authors:
- Daniel Díaz López
Blanco Uribe, María
Santiago Cely, Claudia
Vega Torres, Andrés
Moreno Guataquira, Nicolás
Morón Castro, Stefany
Nespoli, Pantaleone
Gómez Mármol, Félix
- Resource type:
- Article of investigation
- Publication date:
- 2018
- Institution:
- Escuela Colombiana de Ingeniería Julio Garavito
- Repository:
- Repositorio Institucional ECI
- Language:
- eng
- OAI Identifier:
- oai:repositorio.escuelaing.edu.co:001/1467
- Online access:
- https://repositorio.escuelaing.edu.co/handle/001/1467
https://www.hindawi.com/journals/wcmc/2018/3029638/
- Keywords:
- Internet of Things
Computer security
LOT
Cybersecurity
- Rights
- openAccess
- License
- https://creativecommons.org/licenses/by/4.0/
| id | ESCUELAIG2_cea37f6c71c34f0f0b5639b4ccfb79e7 |
|---|---|
| oai_identifier_str | oai:repositorio.escuelaing.edu.co:001/1467 |
| network_acronym_str | ESCUELAIG2 |
| network_name_str | Repositorio Institucional ECI |
| repository_id_str | |
| dc.title.spa.fl_str_mv | Shielding IoT against Cyber-Attacks: An Event-Based Approach Using SIEM |
| title | Shielding IoT against Cyber-Attacks: An Event-Based Approach Using SIEM |
| dc.creator.fl_str_mv | Daniel Díaz López; Blanco Uribe, María; Santiago Cely, Claudia; Vega Torres, Andrés; Moreno Guataquira, Nicolás; Morón Castro, Stefany; Nespoli, Pantaleone; Gómez Mármol, Félix |
| dc.contributor.author.none.fl_str_mv | Daniel Díaz López; Blanco Uribe, María; Santiago Cely, Claudia; Vega Torres, Andrés; Moreno Guataquira, Nicolás; Morón Castro, Stefany; Nespoli, Pantaleone; Gómez Mármol, Félix |
| dc.contributor.researchgroup.spa.fl_str_mv | CTG-Informática |
| dc.subject.armarc.spa.fl_str_mv | Internet of Things; Computer security |
| topic | Internet of Things; Computer security; LOT; Cybersecurity |
| dc.subject.armarc.eng.fl_str_mv | Computer security; LOT |
| dc.subject.proposal.eng.fl_str_mv | Internet of Things |
| dc.subject.proposal.spa.fl_str_mv | Cybersecurity |
| description | Due to the growth of IoT (Internet of Things) devices in different industries and markets in recent years and considering the currently insufficient protection for these devices, a security solution safeguarding IoT architectures is highly desirable. An interesting perspective for the development of security solutions is the use of an event management approach, knowing that an event may become an incident when an information asset is affected under certain circumstances. The paper at hand proposes a security solution based on the management of security events within IoT scenarios in order to accurately identify suspicious activities. To this end, different vulnerabilities found in IoT devices are described, as well as unique features that make these devices an appealing target for attacks. Finally, three IoT attack scenarios are presented, describing exploited vulnerabilities, security events generated by the attack, and accurate responses that could be launched to help decrease the impact of the attack on IoT devices. Our analysis demonstrates that the proposed approach is suitable for protecting the IoT ecosystem, giving an adequate protection level to the IoT devices. |
| publishDate | 2018 |
| dc.date.issued.none.fl_str_mv | 2018 |
| dc.date.accessioned.none.fl_str_mv | 2021-05-21T21:27:17Z 2021-10-01T17:22:49Z |
| dc.date.available.none.fl_str_mv | 2021-05-21T21:27:17Z 2021-10-01T17:22:49Z |
| dc.type.spa.fl_str_mv | Journal article |
| dc.type.coarversion.fl_str_mv | http://purl.org/coar/version/c_970fb48d4fbd8a85 |
| dc.type.version.spa.fl_str_mv | info:eu-repo/semantics/publishedVersion |
| dc.type.coar.spa.fl_str_mv | http://purl.org/coar/resource_type/c_2df8fbb1 |
| dc.type.content.spa.fl_str_mv | Text |
| dc.type.driver.spa.fl_str_mv | info:eu-repo/semantics/article |
| dc.type.redcol.spa.fl_str_mv | http://purl.org/redcol/resource_type/ART |
| format | http://purl.org/coar/resource_type/c_2df8fbb1 |
| status_str | publishedVersion |
| dc.identifier.issn.none.fl_str_mv | 1530-8669 1530-8677 |
| dc.identifier.uri.none.fl_str_mv | https://repositorio.escuelaing.edu.co/handle/001/1467 |
| dc.identifier.doi.none.fl_str_mv | doi.org/10.1155/2018/3029638 |
| dc.identifier.url.none.fl_str_mv | https://www.hindawi.com/journals/wcmc/2018/3029638/ |
| identifier_str_mv | 1530-8669 1530-8677 doi.org/10.1155/2018/3029638 |
| url | https://repositorio.escuelaing.edu.co/handle/001/1467 https://www.hindawi.com/journals/wcmc/2018/3029638/ |
| dc.language.iso.spa.fl_str_mv | eng |
| language | eng |
| dc.relation.citationedition.spa.fl_str_mv | Volume 2018, Article ID 3029638, 18 pages |
| dc.relation.citationendpage.spa.fl_str_mv | 18 |
| dc.relation.citationstartpage.spa.fl_str_mv | 1 |
| dc.relation.citationvolume.spa.fl_str_mv | 2018 |
| dc.relation.indexed.spa.fl_str_mv | N/A |
| dc.relation.ispartofjournal.spa.fl_str_mv | Wireless Communications and Mobile Computing |
| dc.rights.coar.fl_str_mv | http://purl.org/coar/access_right/c_abf2 |
| dc.rights.uri.spa.fl_str_mv | https://creativecommons.org/licenses/by/4.0/ |
| dc.rights.accessrights.spa.fl_str_mv | info:eu-repo/semantics/openAccess |
| dc.rights.creativecommons.spa.fl_str_mv | Attribution 4.0 International (CC BY 4.0) |
| rights_invalid_str_mv | https://creativecommons.org/licenses/by/4.0/ Attribution 4.0 International (CC BY 4.0) http://purl.org/coar/access_right/c_abf2 |
| eu_rights_str_mv | openAccess |
| dc.format.extent.spa.fl_str_mv | 19 pages |
| dc.format.mimetype.spa.fl_str_mv | application/pdf |
| dc.publisher.spa.fl_str_mv | Guest Editor: Constantinos Kolias |
| dc.publisher.place.spa.fl_str_mv | Egypt; England |
| dc.source.spa.fl_str_mv | https://www.hindawi.com/journals/wcmc/2018/3029638/ |
| institution | Escuela Colombiana de Ingeniería Julio Garavito |
| bitstream.url.fl_str_mv | https://repositorio.escuelaing.edu.co/bitstream/001/1467/3/Shielding%20IoT%20against%20Cyber-Attacks-An%20Event-Based.pdf.txt https://repositorio.escuelaing.edu.co/bitstream/001/1467/4/Shielding%20IoT%20against%20Cyber-Attacks-An%20Event-Based.pdf.jpg https://repositorio.escuelaing.edu.co/bitstream/001/1467/1/license.txt https://repositorio.escuelaing.edu.co/bitstream/001/1467/2/Shielding%20IoT%20against%20Cyber-Attacks-An%20Event-Based.pdf |
| bitstream.checksum.fl_str_mv | 35cdd8c2a3b731b3a0bdda41e6132ddb f7ae74df77768aaf97d1fcd903714314 5a7ca94c2e5326ee169f979d71d0f06e 47f8e7f57ba04c6b8c1286a4097c7677 |
| bitstream.checksumAlgorithm.fl_str_mv | MD5 MD5 MD5 MD5 |
| repository.name.fl_str_mv | Repositorio Escuela Colombiana de Ingeniería Julio Garavito |
| repository.mail.fl_str_mv | repositorio.eci@escuelaing.edu.co |
| _version_ | 1814355586328821760 |

Computer Science Faculty, Colombian School of Engineering Julio Garavito, Colombia
Department of Information and Communications Engineering, University of Murcia, Spain
Correspondence should be addressed to Daniel Díaz López; daniel.diaz@escuelaing.edu.co
Received 28 May 2018; Revised 10 September 2018; Accepted 4 October 2018; Published 25 October 2018
Copyright © 2018 Daniel Díaz López et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
2017, 2017Internet de las cosasSeguridad informáticaComputer securityLOTInternet of ThingsCiberseguridadTEXTShielding IoT against Cyber-Attacks-An Event-Based.pdf.txtShielding IoT against Cyber-Attacks-An Event-Based.pdf.txtExtracted texttext/plain98632https://repositorio.escuelaing.edu.co/bitstream/001/1467/3/Shielding%20IoT%20against%20Cyber-Attacks-An%20Event-Based.pdf.txt35cdd8c2a3b731b3a0bdda41e6132ddbMD53open accessTHUMBNAILShielding IoT against Cyber-Attacks-An Event-Based.pdf.jpgShielding IoT against Cyber-Attacks-An Event-Based.pdf.jpgGenerated Thumbnailimage/jpeg13621https://repositorio.escuelaing.edu.co/bitstream/001/1467/4/Shielding%20IoT%20against%20Cyber-Attacks-An%20Event-Based.pdf.jpgf7ae74df77768aaf97d1fcd903714314MD54open accessLICENSElicense.txttext/plain1881https://repositorio.escuelaing.edu.co/bitstream/001/1467/1/license.txt5a7ca94c2e5326ee169f979d71d0f06eMD51open accessORIGINALShielding IoT against Cyber-Attacks-An Event-Based.pdfapplication/pdf1631725https://repositorio.escuelaing.edu.co/bitstream/001/1467/2/Shielding%20IoT%20against%20Cyber-Attacks-An%20Event-Based.pdf47f8e7f57ba04c6b8c1286a4097c7677MD52metadata only access001/1467oai:repositorio.escuelaing.edu.co:001/14672022-08-08 17:20:06.571metadata only accessRepositorio Escuela Colombiana de Ingeniería Julio Garavitorepositorio.eci@escuelaing.edu.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 |