ﻻ يوجد ملخص باللغة العربية
The connectivity and resource-constrained nature of IoT, and in particular single-board devices, opens up to cybersecurity concerns affecting the Industrial Internet of Things (IIoT). One of the most important is the presence of evil IoT twins. Evil IoT twins are malicious devices, with identical hardware and software configurations to authorized ones, that can provoke sensitive information leakages, data poisoning, or privilege escalation in industrial scenarios. Combining behavioral fingerprinting and Machine/Deep Learning (ML/DL) techniques is a promising solution to identify evil IoT twins by detecting minor performance differences generated by imperfections in manufacturing. However, existing solutions are not suitable for single-board devices because they do not consider their hardware and software limitations, underestimate critical aspects during the identification performance evaluation, and do not explore the potential of ML/DL techniques. Moreover, there is a dramatic lack of work explaining essential aspects to considering during the identification of identical devices. This work proposes an ML/DL-oriented methodology that uses behavioral fingerprinting to identify identical single-board devices. The methodology leverages the different built-in components of the system, comparing their internal behavior with each other to detect variations that occurred in manufacturing processes. The validation has been performed in a real environment composed of identical Raspberry Pi 4 Model B devices, achieving the identification for all devices by setting a 50% threshold in the evaluation process. Finally, a discussion compares the proposed solution with related work and provides important lessons learned and limitations.
We present a methodology for creating information flow specifications of hardware designs. Such specifications can help designers better understand their design and are necessary for security validation processes. By combining information flow tracki
Software digital rights management is a pressing need for the software development industry which remains, as no practical solutions have been acclamaimed succesful by the industry. We introduce a novel software-protection method, fully implemented w
Browser fingerprinting is an invasive and opaque stateless tracking technique. Browser vendors, academics, and standards bodies have long struggled to provide meaningful protections against browser fingerprinting that are both accurate and do not deg
Information flow analysis has largely ignored the setting where the analyst has neither control over nor a complete model of the analyzed system. We formalize such limited information flow analyses and study an instance of it: detecting the usage of
Our behavior (the way we talk, walk, or think) is unique and can be used as a biometric trait. It also correlates with sensitive attributes like emotions. Hence, techniques to protect individuals privacy against unwanted inferences are required. To c