Context-aware security framework for detection and mitigation of Distributed Denial of Service (DDoS) attacks on Internet of Things (IoT)

用于检测和缓解物联网 (IoT) 分布式拒绝服务 (DDoS) 攻击的上下文感知安全框架

• 批准号: 576942-2022
• 负责人: Sampalli, SrinivasS
• 金额: $ 2.79万
• 依托单位: Dalhousie University
• 依托单位国家: 加拿大
• 项目类别: Alliance Grants
• 财政年份: 2022
• 资助国家: 加拿大
• 起止时间: 2022-01-01 至 2023-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=750251
• 关键词: Context; aware; security; framework; detection

Cybersecurity has become one of the top concerns for businesses, governments, and organizations worldwide due to the drastic increase in cyber-attacks in recent years. One emergent technology that has attracted cyber-attackers is Internet of Things (IoT). This technology refers to a collection of autonomous, smart, connected, and uniquely identifiable objects with embedded processors that have sensing, computing, and communicating capabilities. IoT promises enormous application benefits in the areas of mobile commerce, energy and environment, agriculture, military, security, surveillance, and critical infrastructure such as smart grids, water supply, nuclear plants, connected health, and telecommunications. However, resource constraints, lack of security protocols, and the heterogeneous nature of IoT devices have presented new attack surfaces. In particular, IoT systems are vulnerable to one major type of cyber-attack, namely, Distributed Denial of Service or DDoS, in which access to services are blocked, thus leading to catastrophic consequences, especially in critical infrastructure and mission critical applications. The primary objective of this proposal is to innovate, design, and implement a suite of algorithms for the detection and mitigation of DDoS attacks on IoT systems. The novelty of the proposal is the design and development of an end-to-end security architecture that uses a context-aware framework for the prediction, detection, and mitigation of DDoS attacks. This proposal is supported by industry partner Calian Ltd., one of Canada's leading solution providers and industry leaders in cybersecurity. Calian will work closely with the researchers and train highly qualified personnel (HQP) in the areas of IoT, cyber-security, data analytics, machine learning, and predictive algorithms. The outcome of this research will generate innovative solutions for DDoS attack mitigation and lead to knowledge transfer and knowledge mobilization with the supporting partner. In the long term, investing in this program will give Canada a driving role in cybersecurity research and training, ensuring an economic payoff and social benefit to citizens well into the future.

由于近年来网络攻击的急剧增加，网络安全已成为全球企业、政府和组织最关心的问题之一。吸引网络攻击者的一项新兴技术是物联网（IoT）。该技术指的是一组自主、智能、互联和唯一可识别的对象，这些对象具有嵌入式处理器，具有传感、计算和通信功能。物联网在移动商务、能源和环境、农业、军事、安全、监控以及关键基础设施（如智能电网、供水、核电站、互联医疗和电信）领域有望带来巨大的应用效益。然而，资源限制、缺乏安全协议以及物联网设备的异构性已经提出了新的攻击面。特别是，物联网系统容易受到一种主要类型的网络攻击，即分布式拒绝服务或DDoS，其中对服务的访问被阻止，从而导致灾难性后果，特别是在关键基础设施和关键任务应用程序中。本提案的主要目标是创新、设计和实现一套算法，用于检测和缓解物联网系统上的DDoS攻击。该提案的新颖之处在于设计和开发了端到端安全体系结构，该体系结构使用上下文感知框架来预测、检测和缓解DDoS攻击。该提案得到了行业合作伙伴Calian有限公司的支持，Calian有限公司是加拿大领先的解决方案提供商之一，也是网络安全领域的行业领导者。Calian将与研究人员密切合作，在物联网、网络安全、数据分析、机器学习和预测算法等领域培养高素质人才。这项研究的结果将产生缓解DDoS攻击的创新解决方案，并导致与支持合作伙伴的知识转移和知识动员。从长远来看，投资该项目将使加拿大在网络安全研究和培训方面发挥主导作用，确保公民在未来获得经济回报和社会效益。