Journal ArticleDOI
The DNS in IoT: Opportunities, Risks, and Challenges
Cristian Hesselman,Merike Kaeo,Lyman Chapin,K. C. Claffy,Mark Seiden,Danny McPherson,Dave Piscitello,Andrew McConachie,Tim April,Jacques Latour,Rod Rasmussen +10 more
Reads0
Chats0
TLDR
This article discusses how the security extensions of the domain name system (DNS) offer an opportunity to help tackle the challenge of protecting users and Internet infrastructure operators from attacks on or launched through vast numbers of autonomously operating sensors and actuators.Abstract:
The Internet of Things (IoT) is widely expected to make our society safer, smarter, and more sustainable. However, a key challenge remains, which is how to protect users and Internet infrastructure operators from attacks on or launched through vast numbers of autonomously operating sensors and actuators. In this article, we discuss how the security extensions of the domain name system (DNS) offer an opportunity to help tackle that challenge, while also outlining the risks that the IoT poses to the DNS in terms of complex and quickly growing IoT-powered distributed denial of service (DDoS) attacks. We identify three challenges for the DNS and IoT industries to seize these opportunities and address the risks, for example, by making DNS security functions (e.g., response verification and encryption) available on popular IoT operating systems.read more
Citations
More filters
Journal ArticleDOI
Internet of Things Applications, Security Challenges, Attacks, Intrusion Detection, and Future Visions: A Systematic Review
Nivedita Mishra,Sharnil Pandya +1 more
TL;DR: In this article, a multi-fold survey of different security issues present in IoT layers: perception layer, network layer, support layer, application layer, with further focus on Distributed Denial of Service (DDoS) attacks.
Journal ArticleDOI
Generating Network Intrusion Detection Dataset Based on Real and Encrypted Synthetic Attack Traffic
TL;DR: This paper introduces HIKARI-2021, a dataset that contains encrypted synthetic attacks and benign traffic that conforms to two requirements: the content requirements, which focus on the produced dataset, and the process requirements,Which focus on how the dataset is built.
Journal ArticleDOI
A Survey on DNS Encryption: Current Development, Malware Misuse, and Inference Techniques
TL;DR: A survey of the DNS encryption literature published from 2016 to 2021, focusing on its current landscape and how it is misused by malware, and highlighting the existing techniques developed to make inferences from encrypted DNS traffic.
Journal ArticleDOI
Role of Device Identification and Manufacturer Usage Description in IoT Security: A Survey
TL;DR: In this paper, the authors present an overview of device identification techniques and the manufacturer usage description (MUD) standard used for the Internet of things to reduce the IoT attack surface, and examine the MUD benefits in IoT security along with the weaknesses and challenges while implementing this standard.
Journal ArticleDOI
OpenAPI framework for the Web of Things
TL;DR: In this article , the authors argue that OpenAPI can also be used to provide documentation of Things that adheres to the Web of Things (WoT) Architecture recommendation and propose a mechanism that facilitates the generation of OpenAPI Thing Descriptions and a Web proxy that implements access to Things on the Web.
References
More filters
Proceedings Article
Understanding the mirai botnet
Manos Antonakakis,Tim April,Michael Bailey,Matthew Bernhard,Elie Bursztein,Jaime Cochran,Zakir Durumeric,J. Alex Halderman,Luca Invernizzi,Michalis Kallitsis,Deepak Kumar,Chaz Lever,Zane Ma,Joshua Mason,D. Menscher,Chad Seaman,Nick Sullivan,Kurt Thomas,Yi Zhou +18 more
TL;DR: It is argued that Mirai may represent a sea change in the evolutionary development of botnets--the simplicity through which devices were infected and its precipitous growth, and that novice malicious techniques can compromise enough low-end devices to threaten even some of the best-defended targets.
Proceedings ArticleDOI
Amplification Hell: Revisiting Network Protocols for DDoS Abuse
TL;DR: This paper revisits popular UDP-based protocols of network services, online games, P2P filesharing networks and P1P botnets to assess their security against DRDoS abuse and finds that 14 protocols are susceptible to bandwidth amplification and multiply the traffic up to a factor 4670.
The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA
Jakob Schlyter,Paul Hoffman +1 more
TL;DR: This document improves on that situation by enabling the administrators of domain names to specify the keys used in that domain's TLS servers, which requires matching improvements in TLS client software, but no change in TLS server software.
Book ChapterDOI
Internet of Things: an overview
TL;DR: In this article, the authors highlight research on topics that include proposed architectures, security and privacy, and network communication means and protocols; they eventually conclude by providing details of future directions and open challenges that face the IoT development.
Posted Content
A Smart Home is No Castle: Privacy Vulnerabilities of Encrypted IoT Traffic
TL;DR: It is found that four IoT smart home devices can reveal potentially sensitive user interactions even when the traffic is encrypted, indicating that a technological solution is needed to protect IoT device owner privacy, and that IoT-specific concerns must be considered in the ongoing policy debate around ISP data collection and usage.