Download PDFOpen PDF in browser

IANVS: A Moving Target Defense Framework for a Resilient Internet of Things

EasyChair Preprint 3786

6 pagesDate: July 7, 2020

Abstract

The Internet of Things (IoT) is more and more present in fundamental aspects of our societies and personal life. Billions of objects now have access to the Internet. This networking capability allows for new beneficial services and applications. However, it is also the entry-point for a wide variety of cyber-attacks that target these devices. The security measures present in real IoT systems lag behind those of the standard Internet. Security is sometimes completely absent. Moving Target Defense (MTD) is a 10-year-old cyber-defense paradigm. It proposes to randomize components of a system. Reasonably, an attacker will have a higher cost attacking an MTD-version of a system compared with a static-version of it. Even if MTD has been successfully applied to standard systems, its deployment for IoT is still lacking. In this paper, we propose a generic MTD framework suitable for IoT systems: IANVS (pronounced Janus). Our framework has a modular design. Its components can be adapted according to the specific constraints and requirements of a particular IoT system. We use it to instantiate two concrete MTD strategies. One that targets the UDP port numbers (port-hopping), and another a CoAP resource URI. We implement our proposal on real hardware using Pycom LoPy4 nodes. We expose the nodes to a remote Denial-of-Service attack and evaluate the effectiveness of the IANVS-based port-hopping MTD proposal.

Keyphrases: ChaCha20, CoAP, Design, Framework, Hping3, IoT, LoPy4, MTD, Moving Target Defense, Reconnaissance, Security, attack, port hopping, stream cipher

BibTeX entry
BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:
@booklet{EasyChair:3786,
  author    = {Renzo Navas and Håkon Sandaker and Frédéric Cuppens and Nora Cuppens-Boulahia and Laurent Toutain and Georgios Papadopoulos},
  title     = {IANVS: A Moving Target Defense Framework for a Resilient Internet of Things},
  howpublished = {EasyChair Preprint 3786},
  year      = {EasyChair, 2020}}
Download PDFOpen PDF in browser