November 29, 2024 by Pablo Ramos / Rubén Permuy, Open University of Catalonia
Collected at: https://techxplore.com/news/2024-11-interconnected-devices-internet.html
The progress of new technologies has allowed many of the devices and appliances in homes, offices, industries and streets to be connected to the network through the Internet of Things (IoT), improving and streamlining processes, jobs and even people’s quality of life. However, this massive connection of everyday objects can lead to numerous risks, especially when processing personal data, sensitive data or the information handled by these systems.
Now, a team of experts, led by researchers from the Universitat Oberta de Catalunya (UOC) and Institut Polytechnique de Paris (IP Paris), has designed a system to guarantee the integrity, origin and security of data coming from IoT networks, especially in areas where connected devices have limited computing and storage resources. The study is published in the Journal of Information Security and Applications.
“We’ve developed a system of zero-watermarking approach, which does not modify the original data but can incorporate information about their source, ensuring tamper-proof transmission over the network,” said Omair Faraj, lead author of this study and Ph.D. with the Network and Information Technologies program at both the UOC and Télécom SudParis of IP Paris.
Faraj worked with the K-ryptography and Information Security for Open Networks (KISON) research group, together with Professor David Megías, KISON lead researcher and director of the Internet Interdisciplinary Institute (IN3), and Professor Joaquín García Alfaro, full professor and researcher at Télécom SudParis, both co-authors of this study.
This innovative method, designed to guarantee data integrity and secure provenance in environments where the Internet of Things is used, is called ZIRCON (Zero-watermarkIng-based data pRovenanCe for iOt Networks).
“ZIRCON uses a zero-watermarking technique without amendment to the data itself, in which a unique watermark is generated from the metadata—similar to the IP address of a device—but without embedding this watermark directly in the original data,” said Faraj.
In this way, thanks to the use of this system, the watermark is stored separately in a network database that is tamper-proof and resilient against unwanted external interference.
IoT challenges and risks
Systems based on the Internet of Things have very specific characteristics, and face unique challenges compared to other digital environments. For example, devices often have limited processing power, short battery life and less bandwidth.
There are also many risks involved as the IoT develops and becomes more widely used. Firstly, data management, because of its dynamic and highly interconnected nature, makes data more vulnerable, especially at points where different devices are connected.
Secondly, a lack of computational capabilities makes the use of complex security and encrypting techniques more difficult. This increases risks and the threat that data could be captured, modified or falsified.
Given the possible consequences of these risks, which can affect key sectors of society, such as electricity networks, traffic or infrastructure, 30 November is International Computer Security Day, an event aimed at promoting secure, reliable and verified computing systems.
The ZIRCON system is able to solve this type of conflict thanks to its innovative design, which needs only light computational capabilities and has low energy requirements. The system is applicable to a large proportion of digital environments and can turn them into secure, robust and verified networks at each stage of device interconnection.
“It’s an ideal solution for IoT devices with limited resources,” Faraj emphasized.
In addition, according to the experts, this system is highly resistant to both passive and active attacks, including packet replay, data manipulation, and provenance forgery.
“Our results indicate that ZIRCON is superior to traditional methods, especially because of its lightweight processing, efficient use of bandwidth and reduced energy consumption,” said Faraj.
Secure transmission
Another fundamental feature of ZIRCON is its ability to verify the integrity of data at each hop within an IoT network. This ensures secure end-to-end transmission, providing a solution for the integrity of the data handled by the applications on the devices connected to the network.
“ZIRCON is a system that is robust against attacks, lightweight, and efficient in data storage, energy use and bandwidth consumption, compared with previous techniques,” the experts pointed out.
Moreover, the design of this innovative system opens up a field of new opportunities to improve network security. “Future projects will be able to explore the integration of ZIRCON with other cryptographic methods and its application in emerging environments,” Faraj concluded.
More information: Omair Faraj et al, ZIRCON: Zero-watermarking-based approach for data integrity and secure provenance in IoT networks, Journal of Information Security and Applications (2024). DOI: 10.1016/j.jisa.2024.103840
Leave a Reply