AN ENHANCED MEASUREMENT APPROACH FOR INLINE DETECTION OF HEARTBLEED-STYLE ATTACKS IN IOT ENVIRONMENTS

Abstract

One of the most important components of the Internet of Things (IoT) is cyber security. These days, a lot of attention is focused on the potential for external attacks to capture information from both the client and the server. The vulnerability of either the sensor nodes themselves (if they have the ability to network operationally) or the IoT gateways—devices that can establish a connection between the local nodes of the IoT network and the wide area networks—makes the involved nodes vulnerable to cyberattacks, regardless of the IoT application. The IoT sensor nodes and IoT gateways are frequently built on low performance processing units, often customised for the particular application, due to the low cost constraints common to many IoT applications. As a result, they are difficult to update against newly discovered cyberthreats. One of the most well-known cyberattacks focused on obtaining private data was the heart bleed, which gave hackers the ability to remotely access protected memory from between 24 and 55 percent of well-known HTTPS websites. A appropriate patch was promptly issued to address the issue, which was caused by an OpenSSL flaw. This allowed for the problem to be avoided in the majority of circumstances. However, since IoT devices can't always be patched for a variety of practical reasons, they could need more sophisticated mitigation strategies. The research suggests a unique measuring technique for inline detection of intrusions caused by heart bleed and heart bleed-like events in this situation. The suggested method is based on an efficient rule that can be used with a low-performance general-purpose processor and does not need decoding the payload. It is hence easily implementable and may be included into IoT gateways or sensor nodes. Several tests conducted on an actual network have verified and confirmed the implemented system, demonstrating performance that is on par with—and often even better than—that of the more complex machine learning-based techniques.