Cyberattack detection and prevention on resource-constrained IoT devices based on intelligent agents

Abstract

Internet of things (IoT) has become a trend that attracts many scientists, businesses, and application research and development organizations in recent years. However, security for IoT devices in general and resource-constrained IoT devices, in particular, has become an important issue. This chapter will present an overview of resource-constrained IoT devices and explain the characteristics of resource-constrained IoT devices that make integrated information security and safety solutions currently 42unavailable, such as traditional electronic devices (i.e., PCs, laptops, and servers). This chapter will also go through the issues related to the traditional electronic device agents and the resource-constrained IoT device agents. Unlike traditional electronic devices with mostly i386-based processors and Windows operating systems, resource-constrained IoT devices use a variety of different processors such as MIPS32, MIPS64, ARM, ARM64, PowerPC, and SPARC and need limited resources (i.e., storage and processing). The data collected by the agent on the resource-constrained IoT devices are of different varieties (i.e., from network traffic data (PCAP) to system data of the device (syscalls, PID, etc.)); therefore, detecting and preventing cyberattacks against resource-constrained IoT devices is effective and practical when preventing cyberattacks is handled directly on resource-constrained IoT devices.