The Internet of Things (IoT) is a rapidly evolving paradigm that promises to revolutionize the way people interact with the cyber-physical world. IoT devices, ranging from sensors and actuators to smart appliances and industrial machinery, have become integral components of modern life and industry. They collect large amounts of data, provide real-time insights, and automate processes, offering substantial benefits in various sectors, including healthcare, transportation, agriculture, and smart cities. However, as IoT technology becomes increasingly integrated into daily life, the exchange of sensitive information raises considerable security concerns. One important security approach is the behavioral fingerprint, a method that exploits packet flow patterns to distinguish normal behavior from anomalous behavior, thereby isolating "faulty" nodes. In the realm of IoT, the challenge lies in the dependence on centralized architectures, which contradict the inherently distributed nature of these systems. Recent advances have introduced fully distributed solutions, promoting collaboration between powerful devices and resource-constrained devices to build behavioral fingerprint models and improve anomaly detection. However, collaboration between devices with disparate resources raises privacy issues, in particular because resource-constrained devices must share data with their more powerful counterparts. To address this problem, the thesis focuses on the crucial aspect of "secure delegation". The main objective is to propose an advanced secure delegation mechanism, specifically adapted for behavioral fingerprint solutions in IoT.
This mechanism aims to facilitate secure and privacy-respecting collaboration among IoT devices, emphasizing the fundamental need to securely exchange data between resource-constrained devices and legacy ones. By addressing this challenge, the thesis seeks to contribute to the overall improvement of the security of IoT systems, ensuring that data exchange is conducted securely, even in environments with diverse device capabilities.
Secure delegation mechanisms to enable behavioral fingerprint solutions for the Internet of Things
CATENA, ANDREA
2022/2023
Abstract
The Internet of Things (IoT) is a rapidly evolving paradigm that promises to revolutionize the way people interact with the cyber-physical world. IoT devices, ranging from sensors and actuators to smart appliances and industrial machinery, have become integral components of modern life and industry. They collect vast amounts of data, provide real-time insights, and automate processes, offering substantial benefits across various sectors, including healthcare, transportation, agriculture, and smart cities. However, as IoT technology becomes more integrated into daily life, the exchange of critical information raises significant security concerns. One prominent security approach is behavioral fingerprinting, a method that leverages packet flow patterns to distinguish normal behavior from an anomalous one, thereby isolating faulty nodes. In the realm of IoT, the challenge lies in the reliance on centralized architectures, which contradicts the inherently distributed nature of these systems. Recent advancements have introduced fully distributed solutions, promoting collaboration between powerful and resource-constrained devices to construct behavioral fingerprint models and enhance anomaly detection. Nevertheless, the collaboration between devices with disparate resource capabilities raises privacy concerns, particularly as resource-constrained devices need to share data with more powerful counterparts. To address this problem, this thesis focuses on the pivotal aspect of "secure delegation." The primary objective is to propose an advanced secure delegation mechanism specifically tailored for behavioral fingerprinting solutions in IoT. This mechanism aims to facilitate secure and privacy-preserving collaboration among IoT devices, emphasizing the critical need to securely exchange data between resource-constrained devices and the legacy ones. 
By addressing this challenge, the thesis tries to contribute to the overall security enhancement of IoT systems, ensuring that data exchange is conducted securely, even in environments with diverse device capabilities.
Users may download and share the full-text documents available in UNITESI UNIPV in accordance with the Creative Commons CC BY NC ND license.
For more information, and to check whether the file is available, write to: unitesi@unipv.it.
https://hdl.handle.net/20.500.14239/16841