A Network-aware Internet-wide Scan for Security Maximization of IPv6-enabled WLAN IoT Devices

Shikhar Verma, Yuichi Kawamoto, Nei Kato

Research output: Contribution to journalArticlepeer-review

Abstract

Despite unprecedented advancements, wireless local area network (WLAN) technologies for the Internet of Things (IoT), such as IEEE 802.11ah (i.e., WiFi-HaLow), are prone to serious security threats, owing to their constrained computational and memory resources, which limit the use of heavyweight intrusion protection and security protocols. To address this problem, security administrators (sec-admins) must perform regular and comprehensive vulnerability assessments of IoT devices. An Internet-wide port scan (IWPS) is the initial step. However, the medium access control mechanism of IEEE 802.11ah, designed specifically for heterogeneous IoT traffic and low-power operations, can degrade network performance in the case of traditional port-scan traffic. Moreover, Internet-security (IPSec) protocol support is mandatory for IPv6-enabled IoT devices to ensure data confidentiality, integrity, and availability. Although the objective of a port scan is to improve IoT security, the resultant network performance can adversely affect IPSec services. Therefore, in this study, we optimize the IWPS to maximize the IoT security over IEEE 802.11ah WLAN. To this end, we propose novel mathematical models to evaluate IoT security based on port-scan network performance and IPsec services, which derives an optimal scan rate for sec-admins. The effectiveness of the proposed framework is verified by comprehensive numerical analysis, which shows that our approach minimizes the risk to IoT devices while probing them at an optimal scan rate.

Original languageEnglish
JournalIEEE Internet of Things Journal
DOIs
Publication statusAccepted/In press - 2020

Keywords

  • Delays
  • Encryption
  • IEEE 802.11ah networks
  • Internet of Things
  • Internet of Things
  • IoT Security
  • IoT vulnerability assessment
  • Performance evaluation
  • Protocols
  • Security
  • Wireless LAN
  • port scan.

ASJC Scopus subject areas

  • Signal Processing
  • Information Systems
  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'A Network-aware Internet-wide Scan for Security Maximization of IPv6-enabled WLAN IoT Devices'. Together they form a unique fingerprint.

Cite this