Abstract
With the arrival of Industry 4.0 and the Internet of Things (IoT) era, remote passwords and control-flow vulnerabilities play a key role in detecting attackers in the Industrial IoT (IIoT), who can easily carry out remote session and control-flow hijacking by leveraging these types of Sensitive Information (SI). However, how to measure the security degree of Sensitive Information remains an open issue. To the best of our knowledge, no effective method can detect the secret traces of SI thieves in Advanced Persistent Threats (APTs), especially for backdoors and vulnerabilities in software or firmware. To deal with these problems, we propose a new design called IIoT-SIDefender (IIoT-SID). We measure the security degree of Sensitive Information via the Analytic Hierarchy Process (AHP) and the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS). Based on selected taint tracking and real-time memory modification, attack-defense and fix-distribution approaches are proposed. To date, it is the first defined SI guard method to detect SI-leakage scenarios and reject SI-leverage attacks. To verify our proposal, experimental tests were carried out on a large number of IIoT applications and devices, including IP cameras, smart meters, PLCs and smart routers. The test results demonstrate that we can capture the security level of Sensitive Information as expected, detect potential leakage points over the data lifetime (including unknown backdoors and vulnerabilities), describe the fine-grained semantics of accidental leakage and secret leverage points, and generate related hot fixes to prevent further attacks.