All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Security Monitoring of IoT Communication Using Flows

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F19%3APU134170" target="_blank" >RIV/00216305:26230/19:PU134170 - isvavai.cz</a>

  • Result on the web

    <a href="http://doi.acm.org/10.1145/3352700.3352718" target="_blank" >http://doi.acm.org/10.1145/3352700.3352718</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1145/3352700.3352718" target="_blank" >10.1145/3352700.3352718</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Security Monitoring of IoT Communication Using Flows

  • Original language description

    Network monitoring is an important part of network management that collects valuable metadata describing active communication protocols, network transmissions, bandwidth utilization, and the most communicating nodes. Traditional IP network monitoring techniques include the SNMP system, flow monitoring, or system logging. The environment of the Internet of Things (IoT) networks, however, shows that these approaches do not provide sufficient visibility of IoT communication which would allow network administrators to identify possible attacks on IoT nodes. The reason is obvious: IoT devices lack sufficient computational resources to fully implement monitoring agents, LAN IoT data communication is often directly over data link layers rather than IP, and IoT sensors produce an endless flow of small packets which can be difficult to process in real-time. To tackle these limitations we propose a new IoT monitoring model based on extended IPFIX records. The model employs a passive monitoring probe that observes IoT traffic and collects metadata from IoT protocols. Using extended IPFIX protocol, flow records with IoT metadata are sent to the collector where they are analyzed and used to provide a global view on the whole IoT network and its communication. We also present two statistical approaches that analyze IoT flows data in order to detect security incidents or malfunctioning of a device. The proof-of-concept implementation is demonstrated for Constrained Application Protocol (CoAP) traffic in the smart home environment.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    20206 - Computer hardware and architecture

Result continuities

  • Project

    <a href="/en/project/TF03000029" target="_blank" >TF03000029: Internet of Things Monitoring and Forensics (IRONSTONE)</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Others

  • Publication year

    2019

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Proceedings of the 6th Conference on the Engineering of Computer Based Systems

  • ISBN

    978-1-4503-7636-5

  • ISSN

  • e-ISSN

  • Number of pages

    9

  • Pages from-to

    1-9

  • Publisher name

    Association for Computing Machinery

  • Place of publication

    New York

  • Event location

    Bucharest

  • Event date

    Sep 2, 2019

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

Similar results(10)

Practical Experience with IPFIX Flow CollectorsFlowmon IoT Monitoring and Diagnostic ToolsetUnified SNMP Interface for IoT Monitoring