IoTProtect: Highly Deployable Whitelist-based Protection for Low-cost Internet-of-Things Devices

Wu Chun-Jung, Tie Ying, Hara Satoshi, Tamiya Kazuki, Fujita Akira, Yoshioka Katsunari, Matsumoto Tsutomu

doi:10.2197/ipsjjip.26.662

<p>In recent years, many Internet-of-Things (IoT) devices, such as home routers and Internet Protocol (IP) cameras, have been compromised through infection by malware as a consequence of weak authentication and other vulnerabilities. Malware infection can lead to functional disorders and/or misuse of these devices in cyberattacks of various kinds. However, unlike personal computers (PCs), low-cost IoT devices lack rich computational resources, with the result that conventional protection mechanisms, such as signature-based anti-virus software, cannot be used. In this study, we present IoTProtect, a light-weight, whitelist-based protection mechanism that can be deployed easily on existing commercial products with very little modification of their firmware. IoTProtect uses a whitelist to check processes running on IoT devices and terminate unknown processes periodically. Our experiments using four low-cost IoT devices and 4, 981 in-the-wild malware binaries show that IoTProtect successfully terminated 99.92% of the processes created by the binaries within 44 seconds after their infection with central processing unit (CPU) overhead of 24% and disk space overhead of 288KB.</p>

IoTProtect: Highly Deployable Whitelist-based Protection for Low-cost Internet-of-Things Devices

Description

Journal

References(2)*help

Keywords

Details 詳細情報について

Export

Report a problem