New method to defend against smart home cyber attacks developed by Ben-Gurion University researchers

August 03, 2020

BEER-SHEVA, Israel...August 3, 2020 - Instead of relying on customers to protect their vulnerable smart home devices from being used in cyberattacks, Ben-Gurion University of the Negev (BGU) and National University of Singapore (NUS) researchers have developed a new method that enables telecommunications and internet service providers to monitor these devices.

According to their new study published in Computers & Security, the ability to launch massive distributed denial-of-service (DDoS) attacks via a botnet of compromised devices is an exponentially growing risk in the Internet of Things (IoT). Such massive attacks, possibly emerging from IoT devices in home networks, impact the attack target, as well as the infrastructure of telecommunication service providers (telcos).

"Most home users don't have the awareness, knowledge, or means to prevent or handle ongoing attacks," says Yair Meidan, a Ph.D. candidate in the BGU Department of Software and Information Systems Engineering (SISE). "As a result, the burden falls on the telcos to handle. Our method addresses a challenging real-world problem that has already caused challenging attacks in Germany and Singapore, and poses a risk to telco infrastructure and their customers worldwide."

Each connected device has a unique IP address. However, home networks typically use gateway routers with NAT (network address translation) functionality, which replaces the local source IP address of each outbound data packet with the household router's public IP address. Consequently, detecting connected IoT devices from outside the home network is a challenging task.

The researchers developed a method to detect connected, vulnerable IoT models before they are compromised by monitoring the data traffic from each smart home device. This enables telcos to verify whether specific IoT models, known to be vulnerable to exploitation by malware for cyberattacks are connected to the home network. It helps telcos identify potential threats to their networks and take preventive actions quickly.

By using the proposed method, a telco can detect vulnerable IoT devices connected behind a NAT, and use this information to take action. In the case of a potential DDoS attack, this method would enable the telco to take steps to spare the company and its customers harm in advance, such as offloading the large volume of traffic generated by an abundance of infected domestic IoT devices. In turn, this could prevent the combined traffic surge from hitting the telco's infrastructure, reduce the likelihood of service disruption, and ensure continued service availability.

"Unlike some past studies that evaluated their methods using partial, questionable, or completely unlabeled datasets, or just one type of device, our data is versatile and explicitly labeled with the device model," Meidan says. "We are sharing our experimental data with the scientific community as a novel benchmark to promote future reproducible research in this domain." This dataset can be found here: https://doi.org/10.5281/zenodo.3924770

This research is a first step toward dramatically mitigating the risk posed to telcos' infrastructure by domestic NAT IoT devices. In the future, the researchers seek to further validate the scalability of the method, using additional IoT devices that represent an even broader range of IoT models, types and manufacturers.

"Although our method is designed to detect vulnerable IoT devices before they are exploited, we plan to evaluate the resilience of our method to adversarial attacks in future research," Meidan says. "Similarly, a spoofing attack, in which an infected device performs many dummy requests to IP addresses and ports that are different from the default ones, could result in missed detection."
-end-
Other researchers who participated in this study include Vinay Sachidananda, an R&D Manager at Trustwave and a Senior Researcher at the National University of Singapore (NUS) and Hongyi Peng a student with NUS. Part of this research was conducted when Sachidananda was at Singapore University of Technology and Design (SUTD). Researchers at BGU SISE include Prof. Asaf Shabtai and Racheli Sagron, as BSc student in the SISE Department at BGU. Yuval Elovici is a professor in the BGU SISE Department, and head of the Cyber Security Research Center at BGU.

This project received funding from the European Union's Horizon 2020 research and innovation program under grant agreement No 830927.

About American Associates, Ben-Gurion University of the Negev

American Associates, Ben-Gurion University of the Negev (AABGU) plays a vital role in sustaining David Ben-Gurion's vision: creating a world-class institution of education and research in the Israeli desert, nurturing the Negev community and sharing the University's expertise locally and around the globe. Celebrating the 50th birthday of Ben-Gurion University of the Negev (BGU) this year, AABGU imagines a future that goes beyond the walls of academia. It is a future where BGU invents a new world and inspires a vision for a stronger Israel and its next generation of leaders. Together with supporters, AABGU will help the University foster excellence in teaching, research and outreach to the communities of the Negev for the next 50 years and beyond. AABGU, headquartered in Manhattan, has regional offices throughout the United States. For more information visit http://www.aabgu.org.

American Associates, Ben-Gurion University of the Negev

Related Data Articles from Brightsurf:

Keep the data coming
A continuous data supply ensures data-intensive simulations can run at maximum speed.

Astronomers are bulging with data
For the first time, over 250 million stars in our galaxy's bulge have been surveyed in near-ultraviolet, optical, and near-infrared light, opening the door for astronomers to reexamine key questions about the Milky Way's formation and history.

Novel method for measuring spatial dependencies turns less data into more data
Researcher makes 'little data' act big through, the application of mathematical techniques normally used for time-series, to spatial processes.

Ups and downs in COVID-19 data may be caused by data reporting practices
As data accumulates on COVID-19 cases and deaths, researchers have observed patterns of peaks and valleys that repeat on a near-weekly basis.

Data centers use less energy than you think
Using the most detailed model to date of global data center energy use, researchers found that massive efficiency gains by data centers have kept energy use roughly flat over the past decade.

Storing data in music
Researchers at ETH Zurich have developed a technique for embedding data in music and transmitting it to a smartphone.

Life data economics: calling for new models to assess the value of human data
After the collapse of the blockchain bubble a number of research organisations are developing platforms to enable individual ownership of life data and establish the data valuation and pricing models.

Geoscience data group urges all scientific disciplines to make data open and accessible
Institutions, science funders, data repositories, publishers, researchers and scientific societies from all scientific disciplines must work together to ensure all scientific data are easy to find, access and use, according to a new commentary in Nature by members of the Enabling FAIR Data Steering Committee.

Democratizing data science
MIT researchers are hoping to advance the democratization of data science with a new tool for nonstatisticians that automatically generates models for analyzing raw data.

Getting the most out of atmospheric data analysis
An international team including researchers from Kanazawa University used a new approach to analyze an atmospheric data set spanning 18 years for the investigation of new-particle formation.

Read More: Data News and Data Current Events
Brightsurf.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.