Abstract: |
Information leaks are a top concern to industry and government leaders. The Internet of Things (IoT) is a rapidly growing technology capable of sensing real-world events. IoT devices lack a common security standard and typically use lightweight security solutions, exposing the sensitive real-world data they gather. A practical method for exfiltrating data from these devices is by covert channel. This research designs a novel IoT Covert Timing Channel (CTC) by encoding data within preexisting network information, namely ports or addresses. Seven different encoding methods are implemented between two IoT protocols, Transmission Control Protocol/Internet Protocol (TCP/IP) and ZigBee. The TCP/IP covert channel is created by mimicking a Ring smart doorbell and implemented using Amazon Web Services (AWS) servers to generate traffic. The ZigBee channel is built by copying a Philips Hue lighting system and executed on a Local Area Network (LAN). Additionally, the CTC can be implemented in two different modes: Stealth and Bandwidth. Performance is measured using throughput and detectability. The Stealth methods mimic legitimate traffic captures to make them difficult to detect while the Bandwidth methods forgo this approach for maximum throughput. Detection results are presented using four statistical-based detection tests: the Kolmogorov-Smirnov (KS) test, the Shape test, the Regularity test, and the Similarity test. The Stealth results have a throughput of 4.61 bits per second (bps) for TCP/IP and 3.90 bps for ZigBee. They also evade detection tests. The Bandwidth methods average 81.7 Kbps for TCP/IP and 9.76 bps for ZigBee, but are evident in detection tests. |