Efficient Delay-Based Internet-Wide Scanning Method for IoT Devices in Wireless LAN

Recently, Internet-wide scanning has emerged as an important element of detecting the security vulnerabilities of the Internet of Things (IoT) devices. However, Internet-wide scanning induces network congestion when sending a huge number of port scanning packets in a short time. The wireless networks are particularly subject to congestion from scanning traffic. Therefore, the scan rate should be low to reduce network congestion. However, as the number of IoT devices connected to a WLAN increases, a higher scan rate is required due to the excessive time consumption of low rate scanning. In this article, we propose a method for setting an optimal scan rate which is as high as possible without imposing congestion on a WLAN. To address this problem, we construct a model for quantifying the impact of scanning traffic on IoT data communication in a target network and demonstrate how scanning packet delay elicits the congestion of the target network. The validity of our model is evaluated and is corroborated by numerical analysis. In addition, numerical analysis results demonstrate the effectiveness of the proposed scan rate optimizing method in terms of low network congestion and a high scanning rate.

[1]  Nei Kato,et al.  A Survey on Network Methodologies for Real-Time Analytics of Massive IoT Data and Open Research Issues , 2017, IEEE Communications Surveys & Tutorials.

[2]  Hongqiang Zhai,et al.  Performance analysis of IEEE 802.11 MAC protocols in wireless LANs , 2004, Wirel. Commun. Mob. Comput..

[3]  Xuemin Shen,et al.  Efficient and Privacy-preserving Fog-assisted Health Data Sharing Scheme , 2019, ACM Trans. Intell. Syst. Technol..

[4]  Elisa Bertino,et al.  Botnets and Internet of Things Security , 2017, Computer.

[5]  Yi Zhou,et al.  Understanding the Mirai Botnet , 2017, USENIX Security Symposium.

[6]  Barry E. Mullins,et al.  Evaluation of the ability of the Shodan search engine to identify Internet-facing industrial control devices , 2014, Int. J. Crit. Infrastructure Prot..

[7]  Michael Bredel,et al.  A Measurement Study of Bandwidth Estimation in IEEE 802.11g Wireless LANs Using the DCF , 2008, Networking.

[8]  Mohsen Guizani,et al.  Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications , 2015, IEEE Communications Surveys & Tutorials.

[9]  Qinglin Zhao,et al.  A Simple and Approximate Model for Nonsaturated IEEE 802.11 DCF , 2009, IEEE Transactions on Mobile Computing.

[10]  Fred Daneshgaran,et al.  On the Linear Behaviour of the Throughput of IEEE 802.11 DCF in Non-Saturated Conditions , 2007, IEEE Communications Letters.

[11]  Xiaohui Liang,et al.  Security and Privacy in Smart City Applications: Challenges and Solutions , 2017, IEEE Communications Magazine.

[12]  J. Alex Halderman,et al.  An Internet-Wide View of Internet-Wide Scanning , 2014, USENIX Security Symposium.

[13]  Kai Chen,et al.  Available Bandwidth Estimation in IEEE 802.11-based Wireless Networks , 2003 .

[14]  Julie A. McCann,et al.  Self-Synchronization in Duty-Cycled Internet of Things (IoT) Applications , 2017, IEEE Internet of Things Journal.

[15]  Ju Ren,et al.  Flexible and Efficient Authenticated Key Agreement Scheme for BANs Based on Physiological Features , 2019, IEEE Transactions on Mobile Computing.

[16]  Georgios Kambourakis,et al.  DDoS in the IoT: Mirai and Other Botnets , 2017, Computer.

[17]  Xiaodong Lin,et al.  Toward Edge-Assisted Internet of Things: From Security and Efficiency Perspectives , 2019, IEEE Network.

[18]  Qiang Li,et al.  Understanding the Usage of Industrial Control System Devices on the Internet , 2018, IEEE Internet of Things Journal.

[19]  Marco de Vivo,et al.  A review of port scanning techniques , 1999, CCRV.

[20]  A. M. J. Koonen,et al.  End-to-end available bandwidth probing in heterogeneous IP home networks , 2011, 2011 IEEE Consumer Communications and Networking Conference (CCNC).

[21]  J. Alex Halderman,et al.  A Search Engine Backed by Internet-Wide Scanning , 2015, CCS.

[22]  Niraj K. Jha,et al.  A Comprehensive Study of Security of Internet-of-Things , 2017, IEEE Transactions on Emerging Topics in Computing.

[23]  Mourad Debbabi,et al.  Cyber Scanning: A Comprehensive Survey , 2014, IEEE Communications Surveys & Tutorials.

[24]  Jadwiga Indulska,et al.  Revisited: Bandwidth estimation methods for mobile networks , 2014, Proceeding of IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks 2014.

[25]  Yufei Chen,et al.  RT-WABest: A novel end-to-end bandwidth estimation tool in IEEE 802.11 wireless network , 2017, Int. J. Distributed Sens. Networks.

[26]  Yao Zheng,et al.  A Feedback Control-Based Crowd Dynamics Management in IoT System , 2017, IEEE Internet of Things Journal.

[27]  Xiaomin Zhang,et al.  A New Method for Analyzing Nonsaturated IEEE 802.11 DCF Networks , 2013, IEEE Wireless Communications Letters.

[28]  Byeong-Hee Roh,et al.  Abnormal Behavior-Based Detection of Shodan and Censys-Like Scanning , 2017, 2017 Ninth International Conference on Ubiquitous and Future Networks (ICUFN).

[29]  Lena Schwartz Next Generation Wireless Lans 802 11n And 802 11ac , 2016 .

[30]  George C. Hadjichristofi,et al.  Internet of Things: Security vulnerabilities and challenges , 2015, 2015 IEEE Symposium on Computers and Communication (ISCC).

[31]  Markus Rupp,et al.  Traffic Models for Machine Type Communications , 2013, ISWCS.

[32]  Anup Kumar Paul,et al.  An Enhanced Available Bandwidth Estimation Technique for an End-to-End Network Path , 2016, IEEE Transactions on Network and Service Management.

[33]  Ki Hwan Yum,et al.  Bandwidth Estimation in Wireless Lans for Multimedia Streaming Services , 2006, 2006 IEEE International Conference on Multimedia and Expo.

[34]  J. Alex Halderman,et al.  Zippier ZMap: Internet-Wide Scanning at 10 Gbps , 2014, WOOT.

[35]  Biplab Sikdar,et al.  A queueing model for finite load IEEE 802.11 random access MAC , 2004, 2004 IEEE International Conference on Communications (IEEE Cat. No.04CH37577).

[36]  Tanupriya Choudhury,et al.  Securing the Internet of Things: A proposed framework , 2017, 2017 International Conference on Computing, Communication and Automation (ICCCA).

[37]  Jitendra Padhye,et al.  Bandwidth estimation in broadband access networks , 2004, IMC '04.

[38]  Eric Wustrow,et al.  ZMap: Fast Internet-wide Scanning and Its Security Applications , 2013, USENIX Security Symposium.

[39]  Ju Ren,et al.  BOAT: A Block-Streaming App Execution Scheme for Lightweight IoT Devices , 2018, IEEE Internet of Things Journal.

[40]  A. Girotra,et al.  Performance Analysis of the IEEE 802 . 11 Distributed Coordination Function , 2005 .

[41]  Kaijie Zhou,et al.  Simple Traffic Modeling Framework for Machine Type Communication , 2013, ISWCS.

[42]  John A. Stankovic,et al.  Research Directions for the Internet of Things , 2014, IEEE Internet of Things Journal.

[43]  Kwok-Yan Lam,et al.  Wireless Communication and Security Issues for Cyber–Physical Systems and the Internet-of-Things , 2018, Proceedings of the IEEE.

[44]  Mark Claypool,et al.  WBest: A bandwidth estimation tool for IEEE 802.11 wireless networks , 2008, 2008 33rd IEEE Conference on Local Computer Networks (LCN).

[45]  Samuel Kounev,et al.  Modeling of Aggregated IoT Traffic and Its Application to an IoT Cloud , 2019, Proceedings of the IEEE.