China
Africa
Explore chapters and articles related to this topic
Security in Wireless Multimedia Communications
Published in K. R. Rao, Zoran S. Bojkovic, Bojan M. Bakmaz, Wireless Multimedia Communication Systems, 2017
K. R. Rao, Zoran S. Bojkovic, Bojan M. Bakmaz
Traffic analysis is the process of intercepting and examining messages to deduce information from patterns in communication. It is a very effective way to determine the geographic location of a sink node. For example, if a sink node is well-concealed visually, an adversary cannot determine its location by visually scanning the area where the WMSN is deployed. That person needs to analyze the network traffic to determine the location of a sink node in such cases. Furthermore, if the WMSN covers a large area, it is very difficult for the adversary to scan every location to find a sink node. However, by analyzing network traffic, an intruder can quickly track its location. In some other cases, it is impractical for the adversary to freely move from place to place to visually search a sink node. For example, an adversary monitoring a WMSN needs to hide from sensor nodes. Traffic analysis provides that person an efficient way to find the location of the sink node.
RFID Specification Revisited
Published in Lu Yan, Yan Zhang, Laurence T. Yang, Huansheng Ning, The Internet of Things, 2008
Pedro Peris-Lopez, Julio C. Hernandez-Castro, Juan M. Estevez-Tapiador, Arturo Ribagorda
Although the two problems mentioned above are the most important security questions that arise in RFID technology, there are some others worth mentioning:Physical attacks: In order to mount these attacks, it is necessary to manipulate tags physically, generally in a laboratory. Some examples of physical attacks are probe attacks, material removal through shaped charges or water etching, radiation imprinting, circuit disruption, and clock glitching, among others.Denial of Service (DOS): A common example of this type of attack in RFID systems is the signal jamming of RF channels. Counterfeiting: Attacks that consist in modifying the identity of an item by means of tag manipulation.Spoofing: An attacker is able to successfully impersonate another, for example, in a man-in-the-middle attack. Eavesdropping: Attacks when unintended recipients are capable of intercepting and reading messages.Traffic analysis: The process of intercepting and examining messages in order to extract information from patterns in communication. It can be performed even when the messages are encrypted and cannot be decrypted. In general, the greater the number of messages observed, the more information that can be inferred from the traffic.
Detection of DoS attacks exploiting SUBSCRIBE messages of the MQTT protocol
Published in International Journal of Computers and Applications, 2022
Dmitrii Dikii, Aleksey Tikhomirov
The problem of DoS attacks on the IoT is researched in many papers. A signature method based on intrusion detection tool was proposed in 1999 [10]. The development of the intrusion detection method for wireless sensor networks using the CoAP protocol is presented in the work [11]. Botnets security threats for the 6LoWPAN networks were assessed and, as a result, the DoS attacks were researched [12]. In work [13] three DoS attacks, for the IoT network implementing the TCP protocol on the application layer, were considered. The machine learning method appliance for detecting the DoS attacks and the anomalous behavior was considered in paper [14]. The comparison of the neural network, the decision tree algorithm, the linear regression, the support vectors machine, the random forest algorithm on the data set is presented in paper [15]. The use of the dense random neural networks (DRNN) in the task of DoS attack detection was shown in paper [16]. The class of attacks similar to the DoS attacks was also described here. The analogous research of the machine learning method appliance for detecting attacks is presented in paper [17]. The authors have analyzed the TCP traffic from the IoT devices. The use of the machine learning methods from the Weka software package for the intrusion detection system is presented in paper [18]. The authors tested their proposed approach for detecting the DoS attacks such as UDPflood and SYNflood. In relation to detecting the DoS attacks using the MQTT protocol paper [19] should be noted, which covers issues of the DoS attack detection using fuzzy logic methods. The CONNECT and the CONNACK messages of the MQTT protocol were used as researched types of messages. The authors have calculated the ratio of the number of researched messages to the total number of messages in the network. Thus, if the device was sending the connection request more often than usual, the classifier decided to impart the device behavior as one of the types: normal, abnormal, attack. A similar study, where CONNECT messages were used as an attack tool, is presented in [20]. Machine learning methods are often used for developing intrusion detection tools, including the DoS attack detection for the IoT networks [21]. The network traffic analysis often occurs at the application layer using the TCP and the UDP protocols. At the same time, the IoT networks operate other specific protocols that are typical only for this technology. For example, Kumar N. et al. [22] considered the issue of a feature vector extraction for detecting Interest flooding attack in named data networking (NDN) [23]. The ‘publisher-subscriber’ structure is a special case of NDN [24] and the Interest flooding attack as a type of DoS attacks also can be realized in studied networks at the application level. Therefore, the development of methods and tools for the DoS attack detection has to be based on the protocol stack used in the network. The researched MQTT protocol performs functions on top of the TCP/IP stack, and, as a result, the TCP layer attacks will be as typical as the MQTT protocol layer attack.