Protecting the Internet of Things from botnets is nothing to sniff at

The development and deployment of various internet of things (IoT) devices in homes has increased the risks to home networks. Such devices can inadvertently open loopholes that allow fraudsters and others to gain access to the devices themselves and, more worryingly, to other devices connected to the same home network, such as tablet and desktop computers, smartphones, and smart media devices.

The problem is discussed by a team from India in the International Journal of Sensor Networks. N.D. Patel and B.M. Mehtre of the Institute for Development and Research in Banking Technology (IDRBT) and Rajeev Wankar of the University of Hyderabad, India, explain that cybercrime is on the rise and that this is being driven, to some degree, by the advent of the IoT.

The team cites the Mirai botnet, which infected and took control of many IoT devices and routers, creating a network of robots that can be controlled remotely. Such a botnet of zombie computers and devices can be used to cause problems for other systems, for example through distributed denial of service (DDoS) attacks. DDoS attacks in turn can be used to overwhelm a network and its security systems, allowing a malicious third party to wheedle their way into the system and steal data or tamper with the systems that depend on the network.

To address the growing security threat to IoT devices, the researchers have proposed a new type of router called a Snort-based secure edge router for the smart home (SERfSH). The team has designed this router to resist and repel many different types of cyberattacks. The team explains how their system uses Snort software to automatically generate rules to protect against attacks. The rules are generated by combining information about the type of data being sent to the device, perhaps from a malicious third party, its location, the header information (the to and from details), and the patterns present in the data being sent to the device.
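As an added illustration (not the researchers' generator, whose internals the article does not describe), the Python sketch below shows how those four inputs can be combined into one Snort 2-style alert rule. The field names, home network range, SID and sample observation are assumptions made for this example.

```python
import ipaddress
import re

# Bytes written literally in a content string; all others are hex-encoded.
SAFE = set(b"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 ._-/=")

def snort_content(pattern: bytes) -> str:
    """Encode bytes for a Snort content option. Characters with special
    meaning in rules (; " \\ |) and non-printables become |HH| hex runs."""
    out, run = [], []
    for b in pattern:
        if b in SAFE:
            if run:
                out.append("|" + " ".join(run) + "|")
                run = []
            out.append(chr(b))
        else:
            run.append(f"{b:02X}")
    if run:
        out.append("|" + " ".join(run) + "|")
    return "".join(out)

def build_rule(obs: dict, sid: int, home_net: str = "192.168.1.0/24") -> str:
    """Combine traffic type, sender location, header fields and payload
    pattern from one observation into a single alert rule."""
    proto = obs["proto"].lower()
    if proto not in ("tcp", "udp", "icmp"):
        raise ValueError(f"unsupported protocol: {proto}")
    if sid < 1000000:  # lower SIDs are reserved for distributed rule sets
        raise ValueError("local rules need sid >= 1000000")
    # Location: is the sender inside or outside the home network?
    inside = ipaddress.ip_address(obs["src"]) in ipaddress.ip_network(home_net)
    src = "$HOME_NET" if inside else "$EXTERNAL_NET"
    dport = "any"
    if proto != "icmp":  # ICMP has no ports
        dport = int(obs["dport"])
        if not 0 < dport < 65536:
            raise ValueError("bad destination port")
    label = re.sub(r"[^\w .-]", "_", obs["label"])  # keep msg free of rule syntax
    opts = [f'msg:"{label}"']
    if obs.get("payload"):
        pattern = snort_content(obs["payload"])
        opts.append(f'content:"{pattern}"')
    opts += [f"sid:{sid}", "rev:1"]
    return f"alert {proto} {src} any -> $HOME_NET {dport} ({'; '.join(opts)};)"

# Constructed observation (documentation address range), not data from the paper.
SAMPLE = {"proto": "tcp", "src": "203.0.113.7", "dport": 23,
          "label": "telnet probe", "payload": b"login: x;\r\n"}

if __name__ == "__main__":
    print(build_rule(SAMPLE, 1000001))
```

Hex-encoding every byte outside a small safe set keeps payload characters such as `;` or `"` from terminating the option early and corrupting the generated rule.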

The researchers tested the SERfSH using a setup that included a Raspberry Pi 4 computer, an ESP32 microcontroller, six IoT devices, and a computer set up to simulate an attack, a so-called “malicious actor machine”. They tested the system against 15 different types of attack: deauthentication, fake-authentication, sybil attacks, broken-authentication, MAC spoofing, sink hole attacks, DoS, distributed-DoS, port-scanning, WiFi-cracking, ARP-poisoning, DNS-spoofing, malware-based DoS, RPL attacks (flooding), and firmware vulnerability.

The results showed that 14 of these attacks were readily detected, although firmware vulnerability was not. Of the attacks, 12 were blocked and caused no harm; the exceptions were firmware vulnerability, obviously, as it was not detected, and DNS spoofing. The team suggests that the system is scalable and is now planning to use unsupervised machine learning to improve attack detection and ultimately protect against them all.

Patel, N.D., Mehtre, B.M. and Wankar, R. (2023) ‘A Snort-based secure edge router for smart home’, Int. J. Sensor Networks, Vol. 41, No. 1, pp.42–59.