About
Introduction
The increasing complexity and diversity of IoT devices, their different storage and processing capacities, and the lack of uniform security guidelines allow for numerous threats and attack options. In recent times, numerous attacks on IoT devices have demonstrated their vulnerability.
Navigating the "Security-by-Design" Dilemma in IoT
This also exposes the dilemma of the “security-by-design” philosophy, which treats security as an inherent component of IoT devices rather than an add-on. Even if individual IoT devices could be equipped with security measures within the limits of their computing and storage capacities, establishing a uniform IoT security standard fails because of the complexity of the entire IoT ecosystem. Addressing this challenge adequately requires security solutions that protect the IoT without making strong assumptions about devices or attacks.
In the IoTGuard project, novel distributed AI-based detection methods against attacks on IoT networks are developed. They are designed to detect even new and unknown attacks reliably. Another focus is on detecting and reporting contextual attacks carried out by exploiting weakly-secured IoT control infrastructure.
The IoTGuard project is a collaboration between TU Darmstadt, Intel, IoT-Venture, Kobil, and Julius-Maximilians-Universität Würzburg. It is funded by the German Ministry of Science and Education (BMBF) as part of the funding program “IoT security in smart homes, production, and sensitive infrastructures”.
IoTGuard integrates state-of-the-art algorithms from distributed deep neural networks in order to achieve its two major goals: On the one hand, the normal (legitimate) communication behavior of device types (equivalence class of devices) is modeled autonomously and precisely to enable the detection of deviations in the communication behavior of a device type caused by attacks. On the other hand, a completely new approach to context-based anomaly detection will be developed. This means that situations that deviate from the normal behavior of the device-user environment can be detected and reported as potential attacks or malfunctions of the IoT system.