Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

EclipseIoT: A secure and adaptive hub for the Internet of Things

Anthi, Eirini, Ahmad, Shazaib, Rana, Omer, Burnap, Pete and Theodorakopoulos, Georgios 2018. EclipseIoT: A secure and adaptive hub for the Internet of Things. Computers and Security 78 , pp. 477-490. 10.1016/j.cose.2018.07.016
Item availability restricted.

[img] PDF - Accepted Post-Print Version
Restricted to Repository staff only until 21 August 2019 due to copyright restrictions.

Download (422kB)

Abstract

With the proliferation in the quantity and types of devices that may be included in an Internet of Things (IoT) ecosystem, particularly in the context of a smart home, it is essential to provide mechanisms to deal with the heterogeneity which such devices encompass. Variations can occur in data formats, frequency of operation, or type of communication protocols supported. The ability to support integration between sensors using a “hub” has become central to address many of these issues. The implementation of such a hub can provide both the ability to act as an aggregator for various sensors, and also limit an attacker’s visibility into locally provisioned sensing capability. This paper introduces EclipseIoT, an adaptive hub which uses dynamically loadable add-on modules to communicate with diverse IoT devices, provides policy-based access control, limits exposure of local IoT devices through cloaking, and offers a canary-function based capability to monitor attack behaviours. Its architecture and implementation are discussed, along with its use within a smart home testbed consisting of commercially available devices such as Phillips Hue Bridge, Samsung Smart Things Hub, TP-Link Smart Plug, and TP-Link Smart Camera. The effectiveness of EclipseIoT is further evaluated by simulating various attacks such as Address Resolution Protocol (ARP) spoofing, Media Access Control (MAC) address spoofing, Man-In-The-Middle (MITM), port scanning, capturing handshakes, sniffing, and Denial of Service (DoS). It is demonstrated that direct attacks upon EclipseIoT components are mitigated due to the security techniques being used.

Item Type: Article
Date Type: Publication
Status: Published
Schools: Computer Science & Informatics
Publisher: Elsevier
ISSN: 0167-4048
Date of First Compliant Deposit: 6 August 2018
Date of Acceptance: 6 July 2018
Last Modified: 06 Nov 2018 11:57
URI: http://orca.cf.ac.uk/id/eprint/113958

Actions (repository staff only)

Edit Item Edit Item

Downloads

Downloads per month over past year

View more statistics