skip to main content
research-article
Public Access

Threat Management in Data-centric IoT-Based Collaborative Systems

Published:27 August 2019Publication History
Skip Abstract Section

Abstract

In this article, we propose a threat management system (TMS) for Data-centric Internet-of-Things-based Collaborative Systems (DIoTCSs). In particular, we focus on tampering attacks that target shared databases and can affect the execution of the DIoTCS services. The novelty of the proposed system is to isolate the damage caused by tampering attacks into data partitions. We formulate the partitioning problem as a cost-driven optimization problem, prove its NP-hardness, and propose two polynomial-time heuristics. We evaluate a TMS experimentally and demonstrate that intelligent partitioning of the database improves the overall availability of the DIoTCS.

References

  1. Ala Al-Fuqaha, Mohsen Guizani, Mehdi Mohammadi, Mohammed Aledhari, and Moussa Ayyash. 2015. Internet of Things: A survey on enabling technologies, protocols, and applications. IEEE Communications Surveys and Tutorials 17, 4, 2347--2376.Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Abdulrahman Almutairi, Muhammad Sarfraz, Saleh Basalamah, Walid Aref, and Arif Ghafoor. 2012. A distributed access control architecture for cloud computing. IEEE Software 29, 2, 36--44. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Paul Ammann, Sushil Jajodia, and Peng Liu. 2002. Recovery from malicious transactions. IEEE Transactions on Knowledge and Data Engineering 14, 5, 1167--1185. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Konstantin Andreev and Harald Racke. 2006. Balanced graph partitioning. Theory of Computing Systems 39, 6, 929--939. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, et al. 2017. Understanding the Mirai Botnet. In USENIX Security Symposium (USENIX'17). 1092--1110. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Vaibhav Arora, Faisal Nawab, Divyakant Agrawal, and Amr El Abbadi. 2017. Multi-representation based data processing architecture for IoT applications. In IEEE 37th International Conference on Distributed Computing Systems (ICDCS’17). IEEE, 2234--2239.Google ScholarGoogle ScholarCross RefCross Ref
  7. Philip A. Bernstein, Vassos Hadzilacos, and Nathan Goodman. 1986. Concurrency control and recovery in database systems. Addison-Wesley Longman Publishing Co., Inc., Boston, MA, USA. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Zhuming Bi, Li Da Xu, and Chengen Wang. 2014. Internet of Things for enterprise systems of modern manufacturing. IEEE Transactions on Industrial Informatics 10, 2, 1537--1546.Google ScholarGoogle ScholarCross RefCross Ref
  9. Kristy Browder and M. Davidson. 2002. The virtual private database in Oracle9iR2. Oracle Technical White Paper, Oracle Corporation 500.Google ScholarGoogle Scholar
  10. Hongming Cai, Boyi Xu, Lihong Jiang, and Athanasios V. Vasilakos. 2017. IoT-based big data storage systems in cloud computing: Perspectives and challenges. IEEE Internet of Things Journal 4, 1, 75--87.Google ScholarGoogle ScholarCross RefCross Ref
  11. Ramesh Chandra, Taesoo Kim, Meelap Shah, Neha Narula, and Nickolai Zeldovich. 2011. Intrusion recovery for database-backed web applications. In Proceedings of the 23rd ACM Symposium on Operating Systems Principles. ACM, 101--114. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Chii Chang, Satish Narayana Srirama, and Rajkumar Buyya. 2017. Mobile cloud business process management system for the Internet of Things: A survey. ACM Computing Surveys 49, 4, 70. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Simone Cirani, Marco Picone, Pietro Gonizzi, Luca Veltri, and Gianluigi Ferrari. 2015. IoT-OAS: An OAuth-based authorization service architecture for secure services in IoT scenarios. IEEE Sensors Journal 15, 2, 1224--1234.Google ScholarGoogle ScholarCross RefCross Ref
  14. Djellel Eddine Difallah, Andrew Pavlo, Carlo Curino, and Philippe Cudre-Mauroux. 2013. OLTP-Bench: An extensible testbed for benchmarking relational databases. Proceedings of the VLDB Endowment 7, 4, 277--288. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Jianhua Fan, Xianglin Wei, Tongxiang Wang, Tian Lan, and Suresh Subramaniam. 2017. Deadline-aware task scheduling in a tiered IoT infrastructure. In IEEE Global Communications Conference (GLOBECOM’17). IEEE, 1--7.Google ScholarGoogle ScholarCross RefCross Ref
  16. Wu He, Gongjun Yan, and Li Da Xu. 2014. Developing vehicular data cloud services in the IoT environment. IEEE Transactions on Industrial Informatics 10, 2, 1587--1595.Google ScholarGoogle ScholarCross RefCross Ref
  17. Christine Hennebert and Jessye Dos Santos. 2014. Security protocols and privacy issues into 6LoWPAN stack: A synthesis. IEEE Internet of Things Journal 1, 5, 384--398.Google ScholarGoogle ScholarCross RefCross Ref
  18. Pengfei Hu, Huansheng Ning, Tie Qiu, Houbing Song, Yanna Wang, and Xuanxia Yao. 2017. Security and privacy preservation scheme of face identification and resolution framework using fog computing in Internet of Things. IEEE Internet of Things Journal 4, 5 (2017), 1143--1155.Google ScholarGoogle ScholarCross RefCross Ref
  19. Raj Jain, Arjan Durresi, and Gojko Babic. 1999. Throughput Fairness Index: An Explanation. Technical Report. Department of CIS, The Ohio State University.Google ScholarGoogle Scholar
  20. Heshan Kumarage, Ibrahim Khalil, Abdulatif Alabdulatif, Zahir Tari, and Xun Yi. 2016. Secure data analytics for cloud-integrated Internet of Things applications. IEEE Cloud Computing 3, 2, 46--56.Google ScholarGoogle ScholarCross RefCross Ref
  21. Jie Lin, Wei Yu, Nan Zhang, Xinyu Yang, Hanlin Zhang, and Wei Zhao. 2017. A survey on Internet of Things: Architecture, enabling technologies, security and privacy, and applications. IEEE Internet of Things Journal 4, 5 (2017), 1125--1142.Google ScholarGoogle ScholarCross RefCross Ref
  22. Peng Liu, Jiwu Jing, Pramote Luenam, Ying Wang, Lunquan Li, and Supawadee Ingsriswang. 2004. The design and implementation of a self-healing database system. Journal of Intelligent Information Systems 23, 3, 247--269. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Aleksandar Milenkoski, Marco Vieira, Samuel Kounev, Alberto Avritzer, and Bryan D. Payne. 2015. Evaluating computer intrusion detection systems: A survey of common practices. ACM Computing Surveys 48, 1 (2015), 12. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. Michele Nitti, Roberto Girau, and Luigi Atzori. 2014. Trustworthiness management in the social Internet of Things. IEEE Transactions on Knowledge and Data Engineering 26, 5, 1253--1266. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. David R. Matos, Miguel L. Pardal, and Miguel Correia. 2017. Rectify: Black-box intrusion recovery in PaaS clouds. In Proceedings of the 18th International Middleware Conference. ACM. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. Art Rask, Don Rubin, and Bill Neumann. 2005. Implementing row- and cell-level security in classified databases using SQL Server 2005. MS SQL Server Technical Center. Technical Report.Google ScholarGoogle Scholar
  27. Ayda Saidane, Vincent Nicomette, and Yves Deswarte. 2009. The design of a generic intrusion-tolerant architecture for web servers. IEEE Transactions on Dependable and Secure Computing 6, 1, 45--58. Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. Asmaa Sallam, Elisa Bertino, Syed Rafiul Hussain, David Landers, R. Michael Lefler, and Donald Steiner. 2017. DBSAFE: An anomaly detection system to protect databases from exfiltration attempts. IEEE Systems Journal 11, 2, 483--493.Google ScholarGoogle ScholarCross RefCross Ref
  29. Satish M. Srinivasan and Raghvinder S. Sangwan. 2017. Web app security: A comparison and categorization of testing frameworks. IEEE Software 34, 1, 99--102. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. Qie Sun, Hailong Li, Zhanyu Ma, Chao Wang, Javier Campillo, Qi Zhang, Fredrik Wallin, and Jun Guo. 2016. A comprehensive review of smart energy meters in intelligent energy networks. IEEE Internet of Things Journal 3, 4 (2016), 464--479.Google ScholarGoogle ScholarCross RefCross Ref
  31. Fei Tao, Ying Cheng, Li Da Xu, Lin Zhang, and Bo Hu Li. 2014. CCIoT-CMfg: Cloud computing and Internet of Things-based cloud manufacturing service system. IEEE Transactions on Industrial Informatics 10, 2, 1435--1442.Google ScholarGoogle ScholarCross RefCross Ref
  32. Martin Wollschlaeger, Thilo Sauter, and Juergen Jasperneite. 2017. The future of industrial communication: Automation networks in the era of the Internet of Things and Industry 4.0. IEEE Industrial Electronics Magazine 11, 1, 17--27.Google ScholarGoogle ScholarCross RefCross Ref
  33. Boyi Xu, Li Da Xu, Hongming Cai, Cheng Xie, Jingyuan Hu, and Fenglin Bu. 2014. Ubiquitous data accessing method in IoT-based information system for emergency medical services. IEEE Transactions on Industrial Informatics 10, 2, 1578--1586.Google ScholarGoogle ScholarCross RefCross Ref
  34. Xun Xu. 2012. From cloud computing to cloud manufacturing. Robotics and Computer-integrated Manufacturing 28, 1, 75--86. Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. Hao Yue, Linke Guo, Ruidong Li, Hitoshi Asaeda, and Yuguang Fang. 2014. Dataclouds: Enabling community-based data-centric services over the Internet of Things. IEEE Internet of Things Journal 1, 5, 472--482.Google ScholarGoogle ScholarCross RefCross Ref
  36. Nan Zhang, Soteris Demetriou, Xianghang Mi, Wenrui Diao, Kan Yuan, Peiyuan Zong, Feng Qian, XiaoFeng Wang, Kai Chen, Yuan Tian, et al. 2017. Understanding IoT security through the data crystal ball: Where we are now and where we are going to be. arXiv preprint arXiv:1703.09809.Google ScholarGoogle Scholar

Index Terms

  1. Threat Management in Data-centric IoT-Based Collaborative Systems

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in

      Full Access

      • Published in

        cover image ACM Transactions on Internet Technology
        ACM Transactions on Internet Technology  Volume 19, Issue 3
        Special Section on Advances in Internet-Based Collaborative Technologies
        August 2019
        289 pages
        ISSN:1533-5399
        EISSN:1557-6051
        DOI:10.1145/3329912
        • Editor:
        • Ling Liu
        Issue’s Table of Contents

        Copyright © 2019 ACM

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        • Published: 27 August 2019
        • Accepted: 1 February 2019
        • Revised: 1 December 2018
        • Received: 1 January 2018
        Published in toit Volume 19, Issue 3

        Permissions

        Request permissions about this article.

        Request Permissions

        Check for updates

        Qualifiers

        • research-article
        • Research
        • Refereed

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      HTML Format

      View this article in HTML Format .

      View HTML Format
      About Cookies On This Site

      We use cookies to ensure that we give you the best experience on our website.

      Learn more

      Got it!