Suppr超能文献

资源受限物联网设备的边缘安全

Security at the Edge for Resource-Limited IoT Devices.

作者信息

Canavese Daniele, Mannella Luca, Regano Leonardo, Basile Cataldo

机构信息

IRIT, CNRS, 118 Route de Narbonne, CEDEX 9, F-31062 Toulouse, France.

Dipartimento di Automatica e Informatica, Politecnico di Torino, Corso Duca degli Abruzzi 24, 10129 Turin, Italy.

出版信息

Sensors (Basel). 2024 Jan 17;24(2):590. doi: 10.3390/s24020590.

Abstract

The Internet of Things (IoT) is rapidly growing, with an estimated 14.4 billion active endpoints in 2022 and a forecast of approximately 30 billion connected devices by 2027. This proliferation of IoT devices has come with significant security challenges, including intrinsic security vulnerabilities, limited computing power, and the absence of timely security updates. Attacks leveraging such shortcomings could lead to severe consequences, including data breaches and potential disruptions to critical infrastructures. In response to these challenges, this research paper presents the IoT Proxy, a modular component designed to create a more resilient and secure IoT environment, especially in resource-limited scenarios. The core idea behind the IoT Proxy is to externalize security-related aspects of IoT devices by channeling their traffic through a secure network gateway equipped with different Virtual Network Security Functions (VNSFs). Our solution includes a Virtual Private Network (VPN) terminator and an Intrusion Prevention System (IPS) that uses a machine learning-based technique called oblivious authentication to identify connected devices. The IoT Proxy's modular, scalable, and externalized security approach creates a more resilient and secure IoT environment, especially for resource-limited IoT devices. The promising experimental results from laboratory testing demonstrate the suitability of IoT Proxy to secure real-world IoT ecosystems.

摘要

物联网(IoT)正在迅速发展,2022年估计有144亿个活跃端点,预计到2027年将有大约300亿个连接设备。物联网设备的这种激增带来了重大的安全挑战,包括内在的安全漏洞、有限的计算能力以及缺乏及时的安全更新。利用这些缺点的攻击可能会导致严重后果,包括数据泄露和对关键基础设施的潜在破坏。为应对这些挑战,本研究论文提出了物联网代理(IoT Proxy),这是一个模块化组件,旨在创建一个更具弹性和安全性的物联网环境,特别是在资源受限的场景中。物联网代理背后的核心思想是通过将物联网设备的流量引导通过配备不同虚拟网络安全功能(VNSF)的安全网络网关,将物联网设备与安全相关的方面外部化。我们的解决方案包括一个虚拟专用网络(VPN)终结器和一个入侵防御系统(IPS),该系统使用一种称为遗忘认证的基于机器学习的技术来识别连接的设备。物联网代理的模块化、可扩展和外部化的安全方法创建了一个更具弹性和安全性的物联网环境,特别是对于资源受限的物联网设备。实验室测试得出的有前景的实验结果证明了物联网代理适用于保护现实世界的物联网生态系统。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/8563/10818527/72cb732a3e42/sensors-24-00590-g001.jpg

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验