What About Compromised Internet of Things (IoT) Devices?
As we progress ever faster toward an entirely connected Internet of Things (IoT) world, with refrigerators placing orders for milk and washing machines placing orders for detergent and our smart phones connecting everything within the grasp of home and even business security, from mere entry credentials to locking the doors, we need to take a moment to consider what happens when an IoT device has been hacked or compromised and viable solutions. The site www.helpnetsecurity.com recently wrote on this very topic.
A group of researchers have devised a self-learning system for detecting compromised IoT devices that does not require prior knowledge about device types or labeled training data to operate.
“We propose a novel approach that combines automated device-type identification and subsequent device-type-specific anomaly detection by making use of machine learning techniques. Using this approach, we demonstrate that we can effectively and quickly detect compromised IoT devices with little false alarms, which is an important consideration for deployability and usability of any anomaly detection approach,” the researchers noted.
About the DÏOT System
DÏOT, as they’ve dubbed the system, consists of a Security Gateway and an IoT Security Service.
Image Source: www.helpnetsecurity.com
The former stands in as the local access gateway to the Internet to which IoT devices connect, but it also monitors the communication patterns of connected IoT devices and extracts device fingerprints for identifying the device type, as well as detects devices displaying abnormal communication behavior (potentially caused by malware).
The latter uses the device fingerprints created by the Security Gateway to identify the type of IoT devices in use and then sends the anomaly detection models for those specific types of devices to the Security Gateway, to use to detect deviations from normal behavior encoded by the detection model.
Once a compromised IoT device is detected, the Service can let users know so they can proceed with remediation.
A Viable Solution
The researchers wanted to create a solution for detecting compromised IoT devices that would work for novel attacks (i.e., would not rely solely on signatures) and would scale and work for the extremely fragmented IoT device market.
TO CONTINUE READING PLEASE GO TO HELPNETSECURITY.COM
Experience the next generation of interactive security services and solutions with GenX Security.
With custom security integration solutions come custom quotes designed for your needs. Please contact us by clicking here or calling 866-598-4369.
Comments