More Like this

1. Analysis and Prevention of Security Vulnerabilities in a Smart City

   https://doi.org/10.1109/CCWC54503.2022.9720824  

   Lupton, Ben ; Zappe, Mackenzie ; Thom, Jay ; Sengupta, Shamik ; Feil-Seifer, Dave ( January 2022 , Computing and Communication Workshop and Conference (CCWC))

   In recent years, there has been a growing interest in so-called smart cities. These cities use technology to connect and enhance the lives of their citizens. Smart cities use many Internet of Things (loT) devices, such as sensors and video cameras, that are interconnected to provide constant feedback and up-to-date information on everything that is happening. Despite the benefits of these cities, they introduce a numerous new vulnerabilities as well. These smart cities are now susceptible to cyber-attacks that aim to “alter, disrupt, deceive, degrade, or destroy computer systems.” Through the use of an educational and research-based loT test-bed with multiple networking layers and heterogeneous devices connected to simultaneously support networking research, anomaly detection, and security principles, we can pinpoint some of these vulnerabilities. This work will contribute potential solutions to these vulnerabilities that can hopefully be replicated in smart cities around the world. Specifically, in the transportation section of our educational smart city several vulnerabilities in the signal lights, street lights, and the cities train network were discovered. To conduct this research two scenarios were developed. These consisted of inside the network security and network perimeter security. For the latter we were able to find extensive vulnerabilities that would allow an attacker to map the entire smart city sub-network. Solutions to this problem are outlined that utilize an Intrusion Detection System and Port Mirroring. However, while we were able to exploit the city's Programmable Logic Controller (PLC) once inside the network, it was found that due to dated Supervisory Control and Data Acquisition (SCADA) systems, there were almost no solutions to these exploits. 

   more » « less
2. A Capstone Project: Designing an IoT Threat Modeling to Prevent Cyber-attacks

   Toutsop, O. ( November 2021 , 2021 Fall ASEE Middle Atlantic Section Meeting)

   The NTT (Nippon Telegraph and Telephone) Data Corporation report found that 80% of U.S. consumers are concerned about their smart home data security. The Internet of Things (IoT) technology brings many benefits to people's homes, and more people across the world are heavily dependent on the technology and its devices. However, many IoT devices are deployed without considering security, increasing the number of attack vectors available to attackers. Numerous Internet of Things devices lacking security features have been compromised by attackers, resulting in many security incidents. Attackers can infiltrate these smart home devices and control the home via turning off the lights, controlling the alarm systems, and unlocking the smart locks, to name a few. Attackers have also been able to access the smart home network, leading to data exfiltration. There are many threats that smart homes face, such as the Man-in-the-Middle (MIM) attacks, data and identity theft, and Denial of Service (DoS) attacks. The hardware vulnerabilities often targeted by attackers are SPI, UART, JTAG, USB, etc. Therefore, to enhance the security of the smart devices used in our daily lives, threat modeling should be implemented early on in developing any given system. This past Spring semester, Morgan State University launched a (senior) capstone project targeting undergraduate (electrical) engineering students who were thus allowed to research with the Cybersecurity Assurance and Policy (CAP) center for four months. The primary purpose of the capstone was to help students further develop both hardware and software skills while researching. For this project, the students mainly focused on the Arduino Mega Board. Some of the expected outcomes for this capstone project include: 1) understanding the physical board components, 2) learning how to attack the board through the STRIDE technique, 3) generating a Data Flow Diagram (DFD) of the system using the Microsoft threat modeling tool, 4) understanding the attack patterns, and 5) generating the threat based on the user's input. To prevent future threats and attacks from taking advantage of systems vulnerabilities, the practice of "threat modeling" is implemented. This method allows the analysis of potential attackers, including their goals and techniques, while also providing solutions and mitigation strategies. Although Threat modeling can be performed throughout the development of a system, implementing it during developmental stages will prevent further problems in the future. Threat Modeling is crucial because it will help identify any potential threat before it propagates in the system. Identifying threats and providing countermeasures will save both time and money while also keeping the consumers safe. As a result, students must grow to understand how essential detecting and preventing attacks are to protect consumer information systems and networks. At the end of this capstone project, students should take away hands-on skills in cyber defense. 

   more » « less
3. Evidence Fusion for Malicious Bot Detection in IoT

   https://doi.org/10.1109/BigData.2018.8621895  

   Chatterjee, Moitrayee ; Namin, Akbar Siami ; Datta, Prerit ( December 2018 , 2018 IEEE International Conference on Big Data (Big Data))

   Billions of devices in the Internet of Things (IoT) are inter-connected over the internet and communicate with each other or end users. IoT devices communicate through messaging bots. These bots are important in IoT systems to automate and better manage the work flows. IoT devices are usually spread across many applications and are able to capture or generate substantial influx of big data. The integration of IoT with cloud computing to handle and manage big data, requires considerable security measures in order to prevent cyber attackers from adversarial use of such large amount of data. An attacker can simply utilize the messaging bots to perform malicious activities on a number of devices and thus bots pose serious cybersecurity hazards for IoT devices. Hence, it is important to detect the presence of malicious bots in the network. In this paper we propose an evidence theory-based approach for malicious bot detection. Evidence Theory, a.k.a. Dempster Shafer Theory (DST) is a probabilistic reasoning tool and has the unique ability to handle uncertainty, i.e. in the absence of evidence. It can be applied efficiently to identify a bot, especially when the bots have dynamic or polymorphic behavior. The key characteristic of DST is that the detection system may not need any prior information about the malicious signatures and profiles. In this work, we propose to analyze the network flow characteristics to extract key evidence for bot traces. We then quantify these pieces of evidence using apriori algorithm and apply DST to detect the presence of the bots. 

   more » « less
4. SPLICEcube Architecture: An Extensible Wi-Fi Monitoring Architecture for Smart-Home Networks

   Malik, Namya ( May 2022 , Dartmouth Digital Commons)

   The vision of smart homes is rapidly becoming a reality, as the Internet of Things and other smart devices are deployed widely. Although smart devices offer convenience, they also create a significant management problem for home residents. With a large number and variety of devices in the home, residents may find it difficult to monitor, or even locate, devices. A central controller that brings all the home’s smart devices under secure management and a unified interface would help homeowners and residents track and manage their devices. We envision a solution called the SPLICEcube whose goal is to detect smart devices, locate them in three dimensions within the home, securely monitor their network traffic, and keep an inventory of devices and important device information throughout the device’s lifecycle. The SPLICEcube system consists of the following components: 1) a main cube, which is a centralized hub that incorporates and expands on the functionality of the home router, 2) a database that holds network data, and 3) a set of support cubelets that can be used to extend the range of the network and assist in gathering network data. To deliver this vision of identifying, securing, and managing smart devices, we introduce an architecture that facilitates intelligent research applications (such as network anomaly detection, intrusion detection, device localization, and device firmware updates) to be integrated into the SPLICEcube. In this thesis, we design a general-purpose Wi-Fi architecture that underpins the SPLICEcube. The architecture specifically showcases the functionality of the cubelets (Wi-Fi frame detection, Wi-Fi frame parsing, and transmission to cube), the functionality of the cube (routing, reception from cubelets, information storage, data disposal, and research application integration), and the functionality of the database (network data storage). We build and evaluate a prototype implementation to demonstrate our approach is scalable to accommodate new devices and extensible to support different applications. Specifically, we demonstrate a successful proof-of-concept use of the SPLICEcube architecture by integrating a security research application: an "Inside-Outside detection" system that classifies an observed Wi-Fi device as being inside or outside the home. 

   more » « less
5. An REU/RET Project: IoT Platform and Network Data Visualization

   Toutsop, O. ( November 2021 , 2021 Fall ASEE Middle Atlantic Section Meeting)

   Internet of Things (IoT) is a connected network of devices that exchange data using different protocols. The application of IoT ranges from intelligent TVs and intelligent Refrigerators to smart Transportation. This research aims to provide students with hands-on training on how to develop an IoT platform that supports device management, connectivity, and data management. People tend to build interconnected devices without having a basic understanding of how the IoT platform backend function. Studying the Arm Pelion will help to understand how IoT devices operate under the hood. This past summer, Morgan State University has hosted undergraduate engineering students and high school STEM teachers to conduct IoT security research in the Cybersecurity Assurance & Policy (CAP) Center. The research project involved integrating various hardware sensor devices and real-time data monitoring using the Arm Pelion IoT development platform. Some of the student/teacher outcomes from the project include: 1) Learning about IoT Technology and security; 2) Programming an embedded system using Arm Mbed development board and IDE; 3 3) Developing a network of connected IoT devices using different protocols such as LWM2M, MQTT, CoAP; 4) Investigating the cybersecurity risks associated with the platform; and 5) Using data analysis and visualization to understand the network data and packet flow. First, the student/teacher must consider the IoT framework to understand how to address the security. The IoT framework describes the essential functions of an IoT network, breaking it down into separate layers. These layers include an application layer, middleware layer, and connectivity layer. The application layer allows the users to access the platform via a smartphone or any other dashboard. The Middleware layer represents the backend system that provides edge devices with data management, messaging, application services, and authentication. Finally, the connectivity layer includes devices that connect the user to the network, including Bluetooth or WiFi. The platform consists of several commercial IoT devices such as a smart camera, baby monitor, smart light, and other devices. We then create algorithms to classify the network data flow; to visualize the packets flow in the network and the structure of the packets data frame over time. 

   more » « less