Proxy-based solution for legacy IoT security and privacy
Autor(a) principal: | |
---|---|
Data de Publicação: | 2021 |
Tipo de documento: | Dissertação |
Idioma: | eng |
Título da fonte: | Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
Texto Completo: | https://hdl.handle.net/10216/135000 |
Resumo: | Numerous legacy IoT devices are vulnerable to even trivial attacks that can easily compromise the entire system, and as such, securing legacy device traffic becomes a necessity when redesigning the device itself is not feasible. After implementing a layer 2 tunnel over TLS for legacy device traffic, the goal is to analyze one of the threats that the tunnel does not address, specifically inference attacks on encrypted tunnel traffic. Using a multi-node fire detection and alarm system, it is covered the possibility of inferring device behavior, even if the device traffic is encrypted. Then, in order to avoid traffic detection, by implementing traffic obfuscation methods such as padding and dummy traffic in the tunnel, it will result in an expected decrease in the ability of an eavesdropper to infer the behavior of the legacy device, even if the eavesdropper retrains its model with both padding and dummy traffic. |
id |
RCAP_893aab481425e1178b46d5ec75dc8db6 |
---|---|
oai_identifier_str |
oai:repositorio-aberto.up.pt:10216/135000 |
network_acronym_str |
RCAP |
network_name_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository_id_str |
7160 |
spelling |
Proxy-based solution for legacy IoT security and privacyEngenharia electrotécnica, electrónica e informáticaElectrical engineering, Electronic engineering, Information engineeringNumerous legacy IoT devices are vulnerable to even trivial attacks that can easily compromise the entire system, and as such, securing legacy device traffic becomes a necessity when redesigning the device itself is not feasible. After implementing a layer 2 tunnel over TLS for legacy device traffic, the goal is to analyze one of the threats that the tunnel does not address, specifically inference attacks on encrypted tunnel traffic. Using a multi-node fire detection and alarm system, it is covered the possibility of inferring device behavior, even if the device traffic is encrypted. Then, in order to avoid traffic detection, by implementing traffic obfuscation methods such as padding and dummy traffic in the tunnel, it will result in an expected decrease in the ability of an eavesdropper to infer the behavior of the legacy device, even if the eavesdropper retrains its model with both padding and dummy traffic.2021-07-162021-07-16T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfhttps://hdl.handle.net/10216/135000TID:202825183engRodrigo Monteiro da Cunha Costa Caldasinfo:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2023-11-29T14:52:33Zoai:repositorio-aberto.up.pt:10216/135000Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-20T00:10:42.887096Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse |
dc.title.none.fl_str_mv |
Proxy-based solution for legacy IoT security and privacy |
title |
Proxy-based solution for legacy IoT security and privacy |
spellingShingle |
Proxy-based solution for legacy IoT security and privacy Rodrigo Monteiro da Cunha Costa Caldas Engenharia electrotécnica, electrónica e informática Electrical engineering, Electronic engineering, Information engineering |
title_short |
Proxy-based solution for legacy IoT security and privacy |
title_full |
Proxy-based solution for legacy IoT security and privacy |
title_fullStr |
Proxy-based solution for legacy IoT security and privacy |
title_full_unstemmed |
Proxy-based solution for legacy IoT security and privacy |
title_sort |
Proxy-based solution for legacy IoT security and privacy |
author |
Rodrigo Monteiro da Cunha Costa Caldas |
author_facet |
Rodrigo Monteiro da Cunha Costa Caldas |
author_role |
author |
dc.contributor.author.fl_str_mv |
Rodrigo Monteiro da Cunha Costa Caldas |
dc.subject.por.fl_str_mv |
Engenharia electrotécnica, electrónica e informática Electrical engineering, Electronic engineering, Information engineering |
topic |
Engenharia electrotécnica, electrónica e informática Electrical engineering, Electronic engineering, Information engineering |
description |
Numerous legacy IoT devices are vulnerable to even trivial attacks that can easily compromise the entire system, and as such, securing legacy device traffic becomes a necessity when redesigning the device itself is not feasible. After implementing a layer 2 tunnel over TLS for legacy device traffic, the goal is to analyze one of the threats that the tunnel does not address, specifically inference attacks on encrypted tunnel traffic. Using a multi-node fire detection and alarm system, it is covered the possibility of inferring device behavior, even if the device traffic is encrypted. Then, in order to avoid traffic detection, by implementing traffic obfuscation methods such as padding and dummy traffic in the tunnel, it will result in an expected decrease in the ability of an eavesdropper to infer the behavior of the legacy device, even if the eavesdropper retrains its model with both padding and dummy traffic. |
publishDate |
2021 |
dc.date.none.fl_str_mv |
2021-07-16 2021-07-16T00:00:00Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/masterThesis |
format |
masterThesis |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
https://hdl.handle.net/10216/135000 TID:202825183 |
url |
https://hdl.handle.net/10216/135000 |
identifier_str_mv |
TID:202825183 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf |
dc.source.none.fl_str_mv |
reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação instacron:RCAAP |
instname_str |
Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
instacron_str |
RCAAP |
institution |
RCAAP |
reponame_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
collection |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository.name.fl_str_mv |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
repository.mail.fl_str_mv |
|
_version_ |
1799136030535712768 |