An Intrusion Detection and Response Scheme for CP-ABE-Encrypted IoT Networks

被引:3
作者
Laaboudi, Younes [1 ]
Olivereau, Alexis [1 ]
Oualha, Nouha [1 ]
机构
[1] CEA LIST, Communicating Syst Lab, Gif Sur Yvette, France
来源
2019 10TH IFIP INTERNATIONAL CONFERENCE ON NEW TECHNOLOGIES, MOBILITY AND SECURITY (NTMS) | 2019年
关键词
Internet of Things; Attribute-based Encryption; Network Intrusion Detection System; Intrusion Response System;
D O I
10.1109/ntms.2019.8763840
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
This paper introduces a new method of applying both an Intrusion Detection System (IDS) and an Intrusion Response System (IRS) to communications protected using Ciphertext-Policy Attribute- based Encryption (CP-ABE) in the context of the Internet of Things. This method leverages features specific to CP-ABE in order to improve the detection capabilities of the IDS and the response ability of the network. It also enables improved privacy towards the users through group encryption rather than one-to-one shared key encryption as the policies used in the CP-ABE can easily include the IDS as an authorized reader. More importantly, it enables different levels of detection and response to intrusions, which can be crucial when using anomaly-based detection engines.
引用
收藏
页数:5
相关论文
共 18 条
[1]   Charm: a framework for rapidly prototyping cryptosystems [J].
Akinyele, Joseph A. ;
Garman, Christina ;
Miers, Ian ;
Pagano, Matthew W. ;
Rushanan, Michael ;
Green, Matthew ;
Rubin, Aviel D. .
JOURNAL OF CRYPTOGRAPHIC ENGINEERING, 2013, 3 (02) :111-128
[2]  
Alharby S., 2018, INT J ELECT COMMUNIC, V12, P9, DOI DOI 10.5281/ZENODO.1315561
[3]   Ciphertext-policy attribute-based encryption [J].
Bethencourt, John ;
Sahai, Amit ;
Waters, Brent .
2007 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 2007, :321-+
[4]   Ghost-in-ZigBee: Energy Depletion Attack on ZigBee-Based Wireless Networks [J].
Cao, Xianghui ;
Shila, Devu Manikantan ;
Cheng, Yu ;
Yang, Zequ ;
Zhou, Yang ;
Chen, Jiming .
IEEE INTERNET OF THINGS JOURNAL, 2016, 3 (05) :816-829
[5]  
Chinchani R, 2006, LECT NOTES COMPUT SC, V3858, P284
[6]   My Smart Home is Under Attack [J].
Coppolino, Luigi ;
D'Alessandro, Valerio ;
D'Antonio, Salvatore ;
Lev, Leonid ;
Romano, Luigi .
2015 IEEE 18TH INTERNATIONAL CONFERENCE ON COMPUTATIONAL SCIENCE AND ENGINEERING (CSE), 2015, :145-151
[7]   CP-ABE Access Control Scheme for Sensitive Data Set Constraint with Hidden Access Policy and Constraint Policy [J].
Helil, Nurmamat ;
Rahman, Kaysar .
SECURITY AND COMMUNICATION NETWORKS, 2017,
[8]   Intrusion Detection and Prevention for ZigBee-Based Home Area Networks in Smart Grids [J].
Jokar, Paria ;
Leung, Victor C. M. .
IEEE TRANSACTIONS ON SMART GRID, 2018, 9 (03) :1800-1811
[9]  
서화정, 2012, Journal of Information and Communication Convergence Engineering, V10, P343, DOI 10.6109/jicce.2012.10.4.343
[10]   Kalis - A System for Knowledge-driven Adaptable Intrusion Detection for the Internet of Things [J].
Midi, Daniele ;
Rullo, Antonino ;
Mudgerikar, Anand ;
Bertino, Elisa .
2017 IEEE 37TH INTERNATIONAL CONFERENCE ON DISTRIBUTED COMPUTING SYSTEMS (ICDCS 2017), 2017, :656-666
12