Techniques Bring Us Closer to Standardization of IoT Security

Currently, there is no one set of standards for IoT security. Every manufacturer out there develops its own set of security on its devices and these may or may not work with other devices out there.

Back in August, the National Institute of Standards and Technology (NIST) released a guide to help us all adjust to a world where seemingly everything is connected — and potentially vulnerable.

The guide identified a set of voluntary recommended cybersecurity features to include in network-capable devices, whether designed for the home, the hospital or the factory floor. Although the guide’s subtitle is A Starting Point for IoT Device Manufacturers, its principles can be useful to anyone who links a device to the internet.

“This ‘Core Baseline’ guide offers some recommendations for what an IoT device should do and what security features it should possess,” said Mike Fagan, a NIST computer scientist and one of the guide’s authors. “It is aimed at a technical audience, but we hope to help consumers as well as manufacturers.”

In another step, a team from Penn State World Campus developed a multi-pronged data analysis approach that can strengthen the security of Internet of Things (IoT) devices — such as smart TVs, home video cameras and baby monitors — against current risks and threats.

“By 2020, more than 20 billion IoT devices will be in operation, and these devices can leave people vulnerable to security breaches that can put their personal data at risk or worse, affect their safety,” said Beulah Samuel, a student in the Penn State World Campus information sciences and technology program. “Yet no strategy exists to identify when and where a network security attack on these devices is taking place and what such an attack even looks like.”

The team applied a combination of approaches often used in traditional network security management to an IoT network simulated by the University of New South Wales Canberra. Specifically, they showed how statistical data, machine learning and other data analysis methods could be applied to assure the security of IoT systems across their lifecycles. They then used intrusion detection and a visualization tool, to determine whether or not an attack had already occurred or was in progress within that network.

One of the data analysis techniques the team applied was the open-source freely available R statistical suite, which they used to characterize the IoT systems in use on the Canberra network. In addition, they used machine learning solutions to search for patterns in the data that were not apparent using R.

“One of the challenges in maintaining security for IoT networks is simply identifying all the devices that are operating on the network,” said John Haller, a student in the Penn State World Campus information sciences and technology program. “Statistical programs, like R, can characterize and identify the user agents.”

The researchers used the widely available Splunk intrusion detection tool, which comprises software for searching, monitoring and analyzing network traffic, via a Web-style interface.

“Splunk is an analytical tool that is often used in traditional network traffic monitoring, but had only seen limited application to IoT traffic, until now,” said Melanie Seekins.

Using these tools, and others, the team identified three IP addresses that were actively trying to break into the Canberra network’s devices.

As the basis for their approach, the researchers compared it to a common framework used to help manage risk, the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF).

While the NIST RMF was not created for IoT systems, it provides a framework that organizations can use to tailor, test, and monitor implemented security controls, which in turn lends credibility to the team’s approach.

Ultimately, the ability to analyze IoT data using this approach may enable security professionals to identify and manage controls to mitigate risk and analyze incidents as they occur.

“Knowing what has taken place in an actual attack helps us write scripts and monitors to look for those patterns,” said Seekins. “These predictive patterns and the use of machine learning and artificial intelligence can help us anticipate and prepare for major attacks using IoT devices.”

The team hopes their approach will contribute to the creation of a standard protocol for IoT network security.

 

Leave A Reply

Your email address will not be published.