Historical Data Helps Internet of Things Resist Hacks
May 10, 2017 | A*STAREstimated reading time: 2 minutes
The power of big data is used in a strategy developed by A*STAR to improve the security of networks of internet-connected objects, known as the Internet of Things (IoT), technology which will make everything from streetlights to refrigerators "smart."
More than 20 billion devices are expected to be upgraded and connected to each other by 2020. However, with IoT becoming increasingly widely adopted, developers need to guarantee its security. One hacked target could be the gateway to other parts of the network, making it vulnerable to breaches of sensitive information. This was demonstrated in October 2016, when a huge attack on IoT devices across Europe and the USA, such as CCTV cameras with easy-to-guess passwords, contributed to outages for several major websites.
Currently, a number of web services, including online banking and Google, use or offer a two-step authentication process to increase the security levels. Since passwords can be leaked or cracked, these services require secondary secret information from the customer. This could be another code transmitted via SMS, email or a security token; or the user’s fingerprints or facial recognition.
However, the direct application of these methods to the IoT is not practical. “We want to achieve the same level of security as bank servers offer, but the resources needed are simply an overkill to typical IoT devices, “explains Jun Wen Wong, one of the researchers involved in the study. “We had to think about a brand new protocol.”
The new strategy, devised by A*STAR researchers of the Institute for Infocomm Research, uses the conventional password as first step for authentication, but a second step uses the whole history of the data exchanged between the IoT device and the server.
The scientists proposed algorithms that generate and store in the IoT device a very small piece of secret information, which can concisely represent the whole history dataset, and can be retrieved for the authentication. Thanks to this approach, taken from the big data sector and originally applied to the IoT, this security two-step system can be compatible with IoT devices with low computation and small memory.
Using the data exchanged between the device and the server has very interesting leakage-resilience properties. As data are constantly generated by the IoT device and sent to the server, the history dataset is growing, so hackers would have to steal a considerable amount of data over an extended period of time, becoming more open to detection.
Suggested Items
Book Excerpt: The Printed Circuit Assembler’s Guide to... Factory Analytics
04/24/2024 | I-Connect007 Editorial TeamIn our fast-changing, deeply competitive, and margin-tight industry, factory analytics can be the key to unlocking untapped improvements to guarantee a thriving business. On top of that, electronics manufacturers are facing a tremendous burden to do more with less. If you don't already have a copy of this book, what follows is an excerpt from the introduction chapter of 'The Printed Circuit Assembler’s Guide to... Factory Analytics: Unlocking Efficiency Through Data Insights' to whet your appetite.
Real Time with... IPC APEX EXPO 2024: Industrial Quality Solutions from Zeiss
04/23/2024 | Real Time with...IPC APEX EXPOEditor Nolan Johnson and Herminso Gomez of Zeiss Group discuss the company's industrial quality solutions, with a focus on X-ray technology. Zeiss provides a range of microscopy options and Herminso highlights the advantages of X-ray technology for aerospace, medical, and consumer electronics sectors.
Altair Acquires Cambridge Semantics, Powering Next-Generation Enterprise Data Fabrics and Generative AI
04/22/2024 | AltairAltair a global leader in computational intelligence, acquired Cambridge Semantics, a modern data fabric provider and creator of one of the industry’s leading analytical graph databases.
I-Connect007 Editor’s Choice: Five Must-Reads for the Week
04/19/2024 | Marcy LaRont, PCB007 MagazineFor my must-read picks of the week, I’m highlighting Parker Capers, a young professional seeking employment, solid counsel from Dan Beaulieu on what your post-show plan should look like, more information and insight on “chiplets” and the need for secure data transfer standards from columnist Preeya Kuray, as well as Matt Stevenson’s design for reality wisdom. It’s a reminder to download one of our newest books (there are several) you don't want to miss if you are an assembler.
D Coupon Testing and Data Insights With GreenSource Fabrication
04/17/2024 | Marcy LaRont, PCB007 MagazineMarcy LaRont spoke with Steve Karas of GreenSource Fabrication at the SMTA UHDI conference in March. He presented a case study that GreenSource undertook with a customer on critical via reliability with advanced materials and used the experience to highlight the importance and effectiveness of D coupon testing. He also discussed GreenSource’s approach to data aggregation and a new system they developed to use collected data effectively.