A MEASUREMENT APPROACH FOR INLINE INTRUSION DETECTION OF HEARTBLEED-LIKE ATTACKS IN IOT FRAMEWORK
Abstract
Cyber security is one of the most crucial aspects of the Internet of Things (IoT). Among the possible
threats, great attention is paid today to the possible capture of information by external attacks
on both client and server sides. Whatever the IoT application, the involved nodes are exposed to cyber-attacks
mainly through the vulnerability of either the sensor nodes themselves (if they are themselves capable of
networking) or the IoT gateways, which are the devices that create the link between the local nodes of the
IoT network and the wide area networks. Due to the low-cost constraints typical of many IoT applications,
IoT sensor nodes and IoT gateways are often developed on low-performance processing units, in many cases
customized for the specific application, and thus not easy to update against the new cyber threats that are
continuously identified. Among cyber-attacks aimed at capturing sensitive information, one of the best known
was Heartbleed, which allowed attackers to remotely read protected memory from an estimated 24–55 percent
of popular HTTPS sites. To overcome this problem, which was due to a bug in OpenSSL, a patch was quickly
released, which avoided the problem in most cases. However, IoT devices may require more advanced
mitigation techniques, because for several practical reasons they sometimes cannot be patched. In this
scenario, the paper proposes a novel measurement method for the inline detection of intrusions due to
Heartbleed and Heartbleed-like attacks. The proposed solution is based on an effective rule that does not
require decoding the payload and that can be implemented on a low-performance general-purpose processing
unit. Therefore, it can be straightforwardly implemented and included in either IoT sensor nodes or IoT
gateways. The realized system has been tested and validated in a number of experiments carried out on a
real network, showing performance comparable to (and in some cases better than) that of heavier machine
learning-based methods.
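As an added illustration (not the paper's rule, which the abstract does not describe, and not code from the authors), the following Python checks a TLS heartbeat record for the length inconsistency that characterizes a Heartbleed-style request, using only the cleartext record and heartbeat headers rather than the payload contents; the sample records are constructed for the example. It assumes the heartbeat message is not yet encrypted (as in a pre-handshake heartbeat); once the record body is encrypted, only the outer record length remains inspectable.

```python
import struct

TLS_HEARTBEAT = 0x18   # TLS record content type for heartbeat (RFC 6520)
MIN_PADDING = 16       # RFC 6520 requires at least 16 bytes of random padding


def parse_record(data: bytes):
    """Split one TLS record into (content_type, version, declared_len, body)."""
    if len(data) < 5:
        return None
    ctype, version, rlen = struct.unpack("!BHH", data[:5])
    return ctype, version, rlen, data[5:5 + rlen]


def inspect_heartbeat(record: bytes) -> str:
    """Classify a record: 'ok', 'not-heartbeat', or a reason for suspicion.

    The Heartbleed check: the heartbeat's claimed payload_length, plus the
    3-byte heartbeat header and the mandatory padding, must fit inside the
    length declared by the enclosing TLS record. A claim larger than the
    record is exactly what an unpatched peer would answer with leaked memory.
    """
    parsed = parse_record(record)
    if parsed is None:
        return "truncated-record-header"
    ctype, _version, rlen, body = parsed
    if ctype != TLS_HEARTBEAT:
        return "not-heartbeat"
    if len(body) < rlen:
        return "record-shorter-than-declared"
    if len(body) < 3:
        return "heartbeat-header-truncated"
    _hb_type, claimed = struct.unpack("!BH", body[:3])
    if 3 + claimed + MIN_PADDING > rlen:
        return f"payload-length-mismatch:claimed={claimed},record={rlen}"
    return "ok"


# Constructed samples: a well-formed request (4-byte payload + 16 bytes padding)
# and one whose claimed payload length exceeds the 3-byte record body.
_benign_body = b"\x01" + struct.pack("!H", 4) + b"ping" + b"\x00" * MIN_PADDING
BENIGN_RECORD = b"\x18\x03\x02" + struct.pack("!H", len(_benign_body)) + _benign_body
_bad_body = b"\x01" + struct.pack("!H", 0x4000)
MALFORMED_RECORD = b"\x18\x03\x02" + struct.pack("!H", len(_bad_body)) + _bad_body


def scan(records):
    """Return the list of verdicts, one per record, for inline inspection."""
    return [inspect_heartbeat(r) for r in records]
```
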