TY - GEN
T1 - Friend or foe? Detecting and isolating malicious nodes in mobile edge computing platforms
AU - Mtibaa, Abderrahmen
AU - Harras, Khaled A.
AU - Alnuweiri, Hussein
N1 - Publisher Copyright:
© 2015 IEEE.
PY - 2016/2/1
Y1 - 2016/2/1
N2 - The evolution of mobile devices into highly capable computing platforms that sense, store, and execute complex tasks is making them attractive candidates for edge computational micro-cloud settings. Such solutions are creating novel security challenges due to the increased push for more seamless computational cyber-foraging that leverages the exploding proliferation of mobile devices. A major concern is that security challenges stemming from these trends, are growing at a rate exceeding the evolution of security solutions. In this paper, we consider an environment in which computational offloading is performed among a set of mobile devices. We propose HoneyBot, a defense technique for device-to-device (d2d) malicious communication. While classical honeypots designed to isolate distributed denial of service (DDoS) botnet attacks fail to detect d2d insider attacks, HoneyBot nodes detect, track, and isolate such attacks. We propose and investigate detection and tracking algorithms that leverage insecure d2d infected communication channels to accurately and efficiently identify suspect malicious nodes and isolate them. Our data driven evaluation and analysis, based on 3 real world mobility traces, show that the number and placement of HoneyBot nodes (Hb) in the network considerably impact the tracking delay and the detection accuracy.
AB - The evolution of mobile devices into highly capable computing platforms that sense, store, and execute complex tasks is making them attractive candidates for edge computational micro-cloud settings. Such solutions are creating novel security challenges due to the increased push for more seamless computational cyber-foraging that leverages the exploding proliferation of mobile devices. A major concern is that security challenges stemming from these trends, are growing at a rate exceeding the evolution of security solutions. In this paper, we consider an environment in which computational offloading is performed among a set of mobile devices. We propose HoneyBot, a defense technique for device-to-device (d2d) malicious communication. While classical honeypots designed to isolate distributed denial of service (DDoS) botnet attacks fail to detect d2d insider attacks, HoneyBot nodes detect, track, and isolate such attacks. We propose and investigate detection and tracking algorithms that leverage insecure d2d infected communication channels to accurately and efficiently identify suspect malicious nodes and isolate them. Our data driven evaluation and analysis, based on 3 real world mobility traces, show that the number and placement of HoneyBot nodes (Hb) in the network considerably impact the tracking delay and the detection accuracy.
KW - HoneyBots
KW - MobiBots
KW - Mobile Networking Security
KW - Mobile d2d botnets
UR - http://www.scopus.com/inward/record.url?scp=84964336316&partnerID=8YFLogxK
U2 - 10.1109/CloudCom.2015.40
DO - 10.1109/CloudCom.2015.40
M3 - Conference contribution
AN - SCOPUS:84964336316
T3 - Proceedings - IEEE 7th International Conference on Cloud Computing Technology and Science, CloudCom 2015
SP - 42
EP - 49
BT - Proceedings - IEEE 7th International Conference on Cloud Computing Technology and Science, CloudCom 2015
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 7th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2015
Y2 - 30 November 2015 through 3 December 2015
ER -