Historical Data Helps Internet of Things Resist Hacks

Reading time ( words)

The power of big data is used in a strategy developed by A*STAR to improve the security of networks of internet-connected objects, known as the Internet of Things (IoT), technology which will make everything from streetlights to refrigerators "smart."

More than 20 billion devices are expected to be upgraded and connected to each other by 2020. However, with IoT becoming increasingly widely adopted, developers need to guarantee its security. One hacked target could be the gateway to other parts of the network, making it vulnerable to breaches of sensitive information. This was demonstrated in October 2016, when a huge attack on IoT devices across Europe and the USA, such as CCTV cameras with easy-to-guess passwords, contributed to outages for several major websites. 

Currently, a number of web services, including online banking and Google, use or offer a two-step authentication process to increase the security levels. Since passwords can be leaked or cracked, these services require secondary secret information from the customer. This could be another code transmitted via SMS, email or a security token; or the user’s fingerprints or facial recognition. 

However, the direct application of these methods to the IoT is not practical. “We want to achieve the same level of security as bank servers offer, but the resources needed are simply an overkill to typical IoT devices, “explains Jun Wen Wong, one of the researchers involved in the study. “We had to think about a brand new protocol.” 

The new strategy, devised by A*STAR researchers of the Institute for Infocomm Research, uses the conventional password as first step for authentication, but a second step uses the whole history of the data exchanged between the IoT device and the server. 

The scientists proposed algorithms that generate and store in the IoT device a very small piece of secret information, which can concisely represent the whole history dataset, and can be retrieved for the authentication. Thanks to this approach, taken from the big data sector and originally applied to the IoT, this security two-step system can be compatible with IoT devices with low computation and small memory. 

Using the data exchanged between the device and the server has very interesting leakage-resilience properties. As data are constantly generated by the IoT device and sent to the server, the history dataset is growing, so hackers would have to steal a considerable amount of data over an extended period of time, becoming more open to detection.


Suggested Items

Flights Show Promising Technologies from Industry and Academic Partnerships

02/06/2018 | NASA
The technologies ranged from proposed new space suits to cryogenic propellant research, with implications for future NASA space missions as well as other research efforts.

Ocean of Things Aims to Expand Maritime Awareness across Open Seas

12/12/2017 | DARPA
The internet of things connects an ever-growing number of smart devices for up-to-the-minute monitoring and tracking of many common events. Head out to most parts of the open ocean, however, and no such capability exists for real-time monitoring of maritime activity.

DARPA’s Drive to Keep the Microelectronics Revolution at Full Speed Builds Its Own Momentum

08/28/2017 | DARPA
To perpetuate the pace of innovation and progress in microelectronics technology over the past half-century, it will take an enormous village rife with innovators. This week, about 100 of those innovators throughout the broader technology ecosystem, including participants from the military, commercial, and academic sectors, gathered at DARPA headquarters at the kickoff meeting for the Agency’s new CHIPS program, known in long form as the Common Heterogeneous Integration and Intellectual Property (IP) Reuse Strategies program.

Copyright © 2018 I-Connect007. All rights reserved.