Journal of Information Processing
Online ISSN : 1882-6652
ISSN-L : 1882-6652
IoTProtect: Highly Deployable Whitelist-based Protection for Low-cost Internet-of-Things Devices
Chun-Jung WuYing TieSatoshi HaraKazuki TamiyaAkira FujitaKatsunari YoshiokaTsutomu Matsumoto
Author information
JOURNALS FREE ACCESS

2018 Volume 26 Pages 662-672

Details
Abstract

In recent years, many Internet-of-Things (IoT) devices, such as home routers and Internet Protocol (IP) cameras, have been compromised through infection by malware as a consequence of weak authentication and other vulnerabilities. Malware infection can lead to functional disorders and/or misuse of these devices in cyberattacks of various kinds. However, unlike personal computers (PCs), low-cost IoT devices lack rich computational resources, with the result that conventional protection mechanisms, such as signature-based anti-virus software, cannot be used. In this study, we present IoTProtect, a light-weight, whitelist-based protection mechanism that can be deployed easily on existing commercial products with very little modification of their firmware. IoTProtect uses a whitelist to check processes running on IoT devices and terminate unknown processes periodically. Our experiments using four low-cost IoT devices and 4, 981 in-the-wild malware binaries show that IoTProtect successfully terminated 99.92% of the processes created by the binaries within 44 seconds after their infection with central processing unit (CPU) overhead of 24% and disk space overhead of 288KB.

Information related to the author
© 2018 by the Information Processing Society of Japan
Previous article Next article
feedback
Top