Upload
achu-anna-antony
View
54
Download
1
Embed Size (px)
Citation preview
SECURITY ISSUES OF IOT WITH FOG.
Achu Anna AntonyS1 M.Tech CSE
Roll No: 01Guide: Mr.Bino ThomasAssistant Professor, CSE
November 9, 2016
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 1 / 25
OUTLINE
Introduction
Existing System
Problem Statement
Proposed System
Conclusion
Future Works
References
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 2 / 25
INTRODUCTION
Cloud: Storing and accessing data and programs over theInternet instead of computer’s hard drive.IoT : Everyday objects(IoT nodes) connected throughInternet, allowing them to send and receive dataIoT uses:
Internet : Infrastructure to interconnect IoT nodesCloud: Background supporting infrastructure
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 3 / 25
INTRODUCTION contd...
Huge network latency and Backend overhead occurs as datato be processed increases in IoT cloud. So IoT uses,
Fog as a solution : ie.. intermediate computing buffer betweenIoT nodes and Cloud
Adoption of IoT fog can cause many security threats, which isexplored throughout
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 4 / 25
EXISTING SYSTEM
Title:- ”Fog Computing and Its Role in the Internet of Things”(F.Bonomi, R. Milito, J. Zhu, and S. Addepalli)
Proposed:Fog Computing - Extension of cloud computing Features used
Features:Highly virtualized platform
LimitationsMulti fog OS prevents from access of other OS. If there occurany problem on Kernel mode, it does not prevent.
Figure: Fog with computing features
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 5 / 25
EXISTING SYSTEM contd...
Title:-”The Fog Computing Paradigm: Scenarios and SecurityIssues” (I. Stojmenovic and W. Sheng)
Proposed:Man in the middle attack- Fog devices get replaced by fakeones.
Features:Intrusion Detection method signature, behavioural or anomalybased detection method
LimitationsProtection methods like encryption and decryption of dataconsume large amount of battery on mobile devices.
Figure: Man-In-The-Middle AttackAchu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 6 / 25
EXISTING SYSTEM contd...
Title:- Semantics-Aware Android Malware Classification UsingWeighted Contextual API Dependency Graphs (M. Zhang, Y.Duan, H. Yun, and Z.Zhao)
Proposed:Android based malware detection
Features:Uses Signature based approach for detection of malwareGraphs are generated from behaviour graphs and convert it tosignature and stores in database.
LimitationsDetection of malware from unknown or new malware familywill be hectic.
Figure: Android based malware to signature conversion[4]
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 7 / 25
FOG COMPUTING
Fog computing is an extension of cloud computing paradigm,but is a more highly virtualized platform that providescomputation, storage, and networking services between endIoT devices and back-end cloud servers.
Figure: The hierarchical fog computing architecture
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 8 / 25
ADVANTAGES AND APPLICATIONS OF FOG
Advantages
Greater business agilityLow latencyGeo distributionLower operating expense
Applications
Geographically distributed applicationsFast mobile applicationsLarge-scale distributed control systems
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 9 / 25
PROBLEM STATEMENT
As fog infrastructure is prone to many security threats, thereis a need for studying about them deeply so as the methodsdiscussed in the proposed systems is needed to combine whichis examined in the proposed system
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 10 / 25
RELEVANT SECURITY TECHNOLOGIES
Security technology for IoT network
When client wants to access cloud services, he must gothrough authentication process to ensure confidentiality andsecurity for IoT network.
Authorized users can access cloud with mobile devices.
Protocol is of two phases: Registration and Authentication.
Figure: Authentication as a service
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 11 / 25
RELEVANT SECURITY TECHNOLOGIES contd...
Security technology for fog node
In fog Computing, much of the information is gathered intofog node.
If a wrong information is spread by exploiting vulnerability is abig problem.
So need dynamic analysis techniques to monitor fog node inreal time
Typically, the performance overhead of dynamic analysis ishigh.
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 12 / 25
RELEVANT SECURITY TECHNOLOGIES contd...
Security technology for IoT node
When some IoT nodes are out of order or provide wronginformation, it can affect people.
Attacker has many chances to compromise various deviceswith sensors.
The attacker is able to predict user behavior and abuse itsinformation.
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 13 / 25
RELEVANT SECURITY TECHNOLOGIES contd...
For IoT nodes, to be truly secure, an IoT node must alsoobtain application layer security.
That means that the node itself, and not just thecommunication channel (i.e. the pipe), should beauthenticated.
In addition to channel authentication, encryption and dataintegrity should be established at the application layer toprotect the data flowing through the pipe.
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 14 / 25
SECURITY AND PRIVACY ISSUES IN FOGCOMPUTING
Man- in- the middle Attack
In this attack, gateways serving as fog devices may becompromised or replaced by fake ones.Use a strong encryption between the client and the server andnever connect to open WiFi routers directly.Encryption and decryption methods consume large amount ofbattery on mobile device.
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 15 / 25
SECURITY AND PRIVACY ISSUES IN FOGCOMPUTING contd...
Intrusion Detection
Intrusion detection system analyzes and monitors
i) access control policy, ii) a log file, and iii)user loginformation in order to detect intrusion behavior.
It can be run on network side in order to detect maliciousactivity such as DoS, port scanning.
Intrusion detection techniques have been applied to mitigateattacks such as i) insider attack, ii) flooding attack, iii) portscanning, iv) attacks on VM or hypervisor.
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 16 / 25
SECURITY AND PRIVACY ISSUES IN FOGCOMPUTING contd...
Malicious Fog node problem
In order to provide service to user, fog nodes process datareceived from the IoT devices.
If the workloads is heavy, it is divided into several jobs andprocessed by several fog nodes.
If some fog nodes are compounded by a malicious user, it isdifficult to ensure the integrity of the data.
Before the computation begin, fog nodes must trust eachother.
An authentication protocol is required.
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 17 / 25
SECURITY AND PRIVACY ISSUES IN FOGCOMPUTING contd...
Malicious Detection Technique
When some fog nodes are compromised, hybrid detectiontechnique is useful to detect malicious code in fog nodes.
It is combined with signature-based detection technique andbehavior-based detection technique.
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 18 / 25
SECURITY AND PRIVACY ISSUES IN FOGCOMPUTING contd...
Data Protection
Messages generated from IoT devices is sent to the nearestfog nodes.
When distributed and processed data is merged, the integrityof the data should be guaranteed.
Because of limited resources, it is difficult to encrypt ordecrypt data on IoT device so light-weight encryptionalgorithms or masking techniques are required.
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 19 / 25
SECURITY AND PRIVACY ISSUES IN FOGCOMPUTING contd...
Data Management Issues
Fog nodes are geographically distributed, making it difficult toknow data location.
The user wants to be provided with the same services in otherareas.
It is difficult for user to know whether the node provides thesame service.
Some fog nodes by having duplicated files will cause a wasteof resources.
IoT will create enormous amounts of data there is a need fordistributed intelligence and so-called fast Big Data processing.
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 20 / 25
SECURITY AND PRIVACY ISSUES IN FOGCOMPUTING contd...
Every communication deployment of IoT is unique.
However, there are four basic stages that are common to justabout every IoT application. Those components are:
data collection,data transmission,data assessment, andresponse to the available information.
Successful data management is therefore very important tothe success of IoT.
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 21 / 25
CONCLUSION
IoT cloud with fog embedded system can overcome
congestion problemnetwork latency
Fog computing provides the improved quality of services tothe user by complementing shortages of IoT cloud.
IoT technology can be utilized in various fields in the future.
This presentation highlights the need to configure the securefog computing environment through security technologies
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 22 / 25
FUTURE WORKS
Future work should be done to develop a system for efficientlycollect and analyze various logs generated in fog computingenvironment..
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 23 / 25
REFERENCES
[1] Kanghyo Lee , Donghyun Kim, Dongsoo Ha, Ubaidullah Rajputand Heekuck Oh,”On Security and Privacy Issues of FogComputing supported Internet of Things Environment,”HanyangUniversity, ERICA Campus, South Korea,2015.[2] L.M.Vaquero and L.Rodero-Merino,Finding your Way inFog:Towards a Comprehensive Definition of Fog Computing, ACMSIGCOMM Computer Communication Review, vol.44, Oct. 2014.[3] F.Bonomi, R.Milito, J.Zhu, and S.Addepalli,Fog Computing andIts Role in the Internet of Things, Proceedings of the first editionof the MCC workshop on Mobile Cloud Computing,Aug.2012.[4] I.Stojmenovic and W.Sheng,The Fog Computing Paradigm:Scenarios and Security Issues, Federated Conference on ComputerScience and Information Systems, pp.1-8, Sept. 2014.[5] M.Zhang, Y.Duan, H.Yun, and Z.Zhao,Semantics-AwareAndroid Malware Classification Using Weighted Contextual APIDependency Graphs, Proceedings of the 2014 ACM SIGSACConference on Computer and Communications Security, Nov.2014.
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 24 / 25
THANK YOU
Achu Anna Antony S1 M.Tech CSE Roll No: 01 Guide: Mr.Bino Thomas Assistant Professor, CSESECURITY ISSUES OF IOT WITH FOG. 25 / 25