TY - GEN
T1 - Digital certificate-based port knocking for connected embedded systems
AU - Mahbooba, Basim
AU - Schukat, Michael
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/7/18
Y1 - 2017/7/18
N2 - The Internet of Things (IoT) is more vulnerable to targeted cyber-attacks than an ordinary Information Technology (IT) infrastructure, where these cyber-attacks operate on subsequent identification (i.e., port scan and exploitation of device's vulnerabilities). Port scans can be rendered useless by applying Port Knocking (PK) as information is transmitted across closed network ports by using a common secret, a device firewall hides all ports from the outside world by filtering (PK) network packets (i.e. TCP connection requests). A secure approach to authenticate IOT devices on the network is required as the current PK approaches (e.g. one time password) suffer from security issues such as sharing secrets. Therefore, this research aims to reinforce existing port knocking methods with a digital certificate for alternative authentication among IoT devices. Such concepts will be complementary to other cryptographic concepts (i.e. shared encryption keys as adopted in ZigBee).
AB - The Internet of Things (IoT) is more vulnerable to targeted cyber-attacks than an ordinary Information Technology (IT) infrastructure, where these cyber-attacks operate on subsequent identification (i.e., port scan and exploitation of device's vulnerabilities). Port scans can be rendered useless by applying Port Knocking (PK) as information is transmitted across closed network ports by using a common secret, a device firewall hides all ports from the outside world by filtering (PK) network packets (i.e. TCP connection requests). A secure approach to authenticate IOT devices on the network is required as the current PK approaches (e.g. one time password) suffer from security issues such as sharing secrets. Therefore, this research aims to reinforce existing port knocking methods with a digital certificate for alternative authentication among IoT devices. Such concepts will be complementary to other cryptographic concepts (i.e. shared encryption keys as adopted in ZigBee).
KW - Internet of things
KW - digital certificates
KW - keyhole knocking request (KKR)
KW - port knocking
UR - https://www.scopus.com/pages/publications/85027866023
U2 - 10.1109/ISSC.2017.7983645
DO - 10.1109/ISSC.2017.7983645
M3 - Conference Publication
T3 - 2017 28th Irish Signals and Systems Conference, ISSC 2017
BT - 2017 28th Irish Signals and Systems Conference, ISSC 2017
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 28th Irish Signals and Systems Conference, ISSC 2017
Y2 - 20 June 2017 through 21 June 2017
ER -