Shielding IoT against cyber-attacks: An event-based approach using SIEM

Daniel Diaz-López; Maria Blanco Uribe; Claudia Santiago Cely; Andrés Vega Torres; Nicolás Moreno Guataquira; Stefany Morón Castro; Pantaleone Nespoli; Félix Gómez Mármol

Shielding IoT against cyber-attacks: An event-based approach using SIEM

Daniel Diaz-López, Maria Blanco Uribe, Claudia Santiago Cely, Andrés Vega Torres, Nicolás Moreno Guataquira, Stefany Morón Castro, Pantaleone Nespoli, Félix Gómez Mármol

Research output: Contribution to journal › Article › peer-review

18 Scopus citations

Abstract

Due to the growth of IoT (Internet of Tings) devices in diferent industries and markets in recent years and considering the currently insufcient protection for these devices, a security solution safeguarding IoT architectures are highly desirable. An interesting perspective for the development of security solutions is the use of an event management approach, knowing that an event may become an incident when an information asset is afected under certain circumstances. Te paper at hand proposes a security solution based on the management of security events within IoT scenarios in order to accurately identify suspicious activities. To this end, diferent vulnerabilities found in IoT devices are described, as well as unique features that make these devices an appealing target for attacks. Finally, three IoT attack scenarios are presented, describing exploited vulnerabilities, security events generated by the attack, and accurate responses that could be launched to help decreasing the impact of the attack on IoT devices. Our analysis demonstrates that the proposed approach is suitable for protecting the IoT ecosystem, giving an adequate protection level to the IoT devices.

Original language	English
Article number	3029638
Pages (from-to)	1-18
Number of pages	18
Journal	Wireless Communications and Mobile Computing
Issue number	3029638
State	Published - 2018
Externally published	Yes

Cite this

@article{bbba3a5ef82d411caf586ddcad4fadaa,

title = "Shielding IoT against cyber-attacks: An event-based approach using SIEM",

abstract = "Due to the growth of IoT (Internet of Tings) devices in diferent industries and markets in recent years and considering the currently insufcient protection for these devices, a security solution safeguarding IoT architectures are highly desirable. An interesting perspective for the development of security solutions is the use of an event management approach, knowing that an event may become an incident when an information asset is afected under certain circumstances. Te paper at hand proposes a security solution based on the management of security events within IoT scenarios in order to accurately identify suspicious activities. To this end, diferent vulnerabilities found in IoT devices are described, as well as unique features that make these devices an appealing target for attacks. Finally, three IoT attack scenarios are presented, describing exploited vulnerabilities, security events generated by the attack, and accurate responses that could be launched to help decreasing the impact of the attack on IoT devices. Our analysis demonstrates that the proposed approach is suitable for protecting the IoT ecosystem, giving an adequate protection level to the IoT devices.",

author = "Daniel Diaz-L{\'o}pez and {Blanco Uribe}, Maria and {Santiago Cely}, Claudia and {Vega Torres}, Andr{\'e}s and {Moreno Guataquira}, Nicol{\'a}s and {Mor{\'o}n Castro}, Stefany and Pantaleone Nespoli and {G{\'o}mez M{\'a}rmol}, F{\'e}lix",

year = "2018",

language = "Ingl{\'e}s",

pages = "1--18",

journal = "Wireless Communications and Mobile Computing",

issn = "1530-8669",

publisher = "John Wiley and Sons Ltd",

number = " 3029638",

}

Shielding IoT against cyber-attacks : An event-based approach using SIEM. / Diaz-López, Daniel; Blanco Uribe, Maria; Santiago Cely, Claudia; Vega Torres, Andrés; Moreno Guataquira, Nicolás; Morón Castro, Stefany; Nespoli, Pantaleone; Gómez Mármol, Félix.

In: Wireless Communications and Mobile Computing, No. 3029638, 3029638, 2018, p. 1-18.

Research output: Contribution to journal › Article › peer-review

TY - JOUR

T1 - Shielding IoT against cyber-attacks

T2 - An event-based approach using SIEM

AU - Diaz-López, Daniel

AU - Blanco Uribe, Maria

AU - Santiago Cely, Claudia

AU - Vega Torres, Andrés

AU - Moreno Guataquira, Nicolás

AU - Morón Castro, Stefany

AU - Nespoli, Pantaleone

AU - Gómez Mármol, Félix

PY - 2018

Y1 - 2018

N2 - Due to the growth of IoT (Internet of Tings) devices in diferent industries and markets in recent years and considering the currently insufcient protection for these devices, a security solution safeguarding IoT architectures are highly desirable. An interesting perspective for the development of security solutions is the use of an event management approach, knowing that an event may become an incident when an information asset is afected under certain circumstances. Te paper at hand proposes a security solution based on the management of security events within IoT scenarios in order to accurately identify suspicious activities. To this end, diferent vulnerabilities found in IoT devices are described, as well as unique features that make these devices an appealing target for attacks. Finally, three IoT attack scenarios are presented, describing exploited vulnerabilities, security events generated by the attack, and accurate responses that could be launched to help decreasing the impact of the attack on IoT devices. Our analysis demonstrates that the proposed approach is suitable for protecting the IoT ecosystem, giving an adequate protection level to the IoT devices.

AB - Due to the growth of IoT (Internet of Tings) devices in diferent industries and markets in recent years and considering the currently insufcient protection for these devices, a security solution safeguarding IoT architectures are highly desirable. An interesting perspective for the development of security solutions is the use of an event management approach, knowing that an event may become an incident when an information asset is afected under certain circumstances. Te paper at hand proposes a security solution based on the management of security events within IoT scenarios in order to accurately identify suspicious activities. To this end, diferent vulnerabilities found in IoT devices are described, as well as unique features that make these devices an appealing target for attacks. Finally, three IoT attack scenarios are presented, describing exploited vulnerabilities, security events generated by the attack, and accurate responses that could be launched to help decreasing the impact of the attack on IoT devices. Our analysis demonstrates that the proposed approach is suitable for protecting the IoT ecosystem, giving an adequate protection level to the IoT devices.

UR - http://downloads.hindawi.com/journals/wcmc/2018/3029638.pdf

M3 - Artículo

SP - 1

EP - 18

JO - Wireless Communications and Mobile Computing

JF - Wireless Communications and Mobile Computing

SN - 1530-8669

IS - 3029638

M1 - 3029638

ER -

Shielding IoT against cyber-attacks: An event-based approach using SIEM

Abstract

Other files and links

Fingerprint

Cite this