Automatic Topology Analysis for Distributed Anomalies Prevention Systems in the IoT
The convenience and speed of digital communications have become an integral part of our personal daily lives, as well as of education, business and research. While powerful, portable mobile devices and high-speed networks have brought great convenience, a number of security challenges have also emerged. Amongst different computer network security threats like viruses and worms, botnets have continued to be the most dangerous. As with the revolution brought by mobile devices, today we are living through another digital revolution: a network of billions of intelligent devices known as the Internet of Things (IoT for short), which is again quickly changing the way in which users and devices interact with each other. What is new in the IoT revolution is the shift from special-purpose to general-purpose computing, with tiny devices such as doorknobs or light bulbs capable of carrying as much compute power and connectivity as smartphones.
This paradigm shift from user devices to autonomous systems will also be powered by a new technology that is changing the digital trust model from centralized to distributed, or “democratic” as it has been called by IBM. Blockchain technology can be seen as a distributed database where each change is first validated by the network with a distributed consensus algorithm and then written into the database. In this way, outputs sent to other devices and inputs received from other devices are controlled by the whole network. This is a great convenience for our digital world, as no third parties, governments or external authorities are needed to establish digital trust within a network, but it also poses new threats. In fact, by agreeing on and distributing arbitrary data to the whole network, it is possible to spread malicious software and to build a botnet much faster. It is therefore of paramount importance to design new monitoring and mitigation strategies to prevent this new kind of epidemic botnet.
AUTODAPS aims to analyze well-known and effective topological data analysis approaches and tools and to remodel such solutions for a blockchain-based IoT network. Unlike in common networks, in our environment AUTODAPS will have to deal with virtual devices that can be arbitrarily and easily created, modified or removed by other devices within the network, thus radically changing its topology. To do so, AUTODAPS will exploit already existing blockchain protocols (such as Bitcoin or other powerful solutions such as Colored Coins) to spread some malicious software among the devices. Those infected devices will then be analyzed to understand and model how they tend to behave within the network, in order to extract topological information and compare it with known results. With the obtained data, a topology-based Intrusion Detection/Prevention System (IDS/IPS for short) will be designed and developed that can autonomously and automatically adapt to different topologies and dynamically re-design anomalies prevention systems (APS for short) as the environment changes, by exploiting isomorphism algorithms.
This project is a collaboration between the Wireless Communications Group at our Department and Bell Labs Paris.
To know more:
- Presentation of the project at the Data-driven Knowledge Extraction Workshop, June 2016 (slides and the PhD thesis mentioned: "Towards an internet of trust: issues and solutions for identification and authentication in the internet of things", PhD thesis, Matteo Signorini; supervisors: Vanesa Daza, Roberto Di Pietro)
Principal researchers
Vanesa Daza
Researchers
Matteo Signorini
Federico Franzoni
Roberto Di Pietro
Carla Ràfols