Friend or foe? Detecting and isolating malicious nodes in mobile edge computing platforms

Abderrahmen Mtibaa, Khaled A. Harras, Hussein Alnuweiri

Research output: Chapter in Book/Report/Conference proceedingConference contribution

11 Citations (Scopus)

Abstract

The evolution of mobile devices into highly capable computing platforms that sense, store, and execute complex tasks is making them attractive candidates for edge computational micro-cloud settings. Such solutions are creating novel security challenges due to the increased push for more seamless computational cyber-foraging that leverages the exploding proliferation of mobile devices. A major concern is that security challenges stemming from these trends, are growing at a rate exceeding the evolution of security solutions. In this paper, we consider an environment in which computational offloading is performed among a set of mobile devices. We propose HoneyBot, a defense technique for device-to-device (d2d) malicious communication. While classical honeypots designed to isolate distributed denial of service (DDoS) botnet attacks fail to detect d2d insider attacks, HoneyBot nodes detect, track, and isolate such attacks. We propose and investigate detection and tracking algorithms that leverage insecure d2d infected communication channels to accurately and efficiently identify suspect malicious nodes and isolate them. Our data driven evaluation and analysis, based on 3 real world mobility traces, show that the number and placement of HoneyBot nodes (Hb) in the network considerably impact the tracking delay and the detection accuracy.

Original languageEnglish
Title of host publicationProceedings - IEEE 7th International Conference on Cloud Computing Technology and Science, CloudCom 2015
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages42-49
Number of pages8
ISBN (Electronic)9781467395601
DOIs
Publication statusPublished - 1 Feb 2016
Externally publishedYes
Event7th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2015 - Vancouver, Canada
Duration: 30 Nov 20153 Dec 2015

Other

Other7th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2015
CountryCanada
CityVancouver
Period30/11/153/12/15

Fingerprint

Mobile devices
Communication
Botnet

Keywords

  • HoneyBots
  • MobiBots
  • Mobile d2d botnets
  • Mobile Networking Security

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computational Theory and Mathematics

Cite this

Mtibaa, A., Harras, K. A., & Alnuweiri, H. (2016). Friend or foe? Detecting and isolating malicious nodes in mobile edge computing platforms. In Proceedings - IEEE 7th International Conference on Cloud Computing Technology and Science, CloudCom 2015 (pp. 42-49). [7396136] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CloudCom.2015.40

Friend or foe? Detecting and isolating malicious nodes in mobile edge computing platforms. / Mtibaa, Abderrahmen; Harras, Khaled A.; Alnuweiri, Hussein.

Proceedings - IEEE 7th International Conference on Cloud Computing Technology and Science, CloudCom 2015. Institute of Electrical and Electronics Engineers Inc., 2016. p. 42-49 7396136.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Mtibaa, A, Harras, KA & Alnuweiri, H 2016, Friend or foe? Detecting and isolating malicious nodes in mobile edge computing platforms. in Proceedings - IEEE 7th International Conference on Cloud Computing Technology and Science, CloudCom 2015., 7396136, Institute of Electrical and Electronics Engineers Inc., pp. 42-49, 7th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2015, Vancouver, Canada, 30/11/15. https://doi.org/10.1109/CloudCom.2015.40
Mtibaa A, Harras KA, Alnuweiri H. Friend or foe? Detecting and isolating malicious nodes in mobile edge computing platforms. In Proceedings - IEEE 7th International Conference on Cloud Computing Technology and Science, CloudCom 2015. Institute of Electrical and Electronics Engineers Inc. 2016. p. 42-49. 7396136 https://doi.org/10.1109/CloudCom.2015.40
Mtibaa, Abderrahmen ; Harras, Khaled A. ; Alnuweiri, Hussein. / Friend or foe? Detecting and isolating malicious nodes in mobile edge computing platforms. Proceedings - IEEE 7th International Conference on Cloud Computing Technology and Science, CloudCom 2015. Institute of Electrical and Electronics Engineers Inc., 2016. pp. 42-49
@inproceedings{4674ee4cad0c4f18b89b4db305ad77ae,
title = "Friend or foe? Detecting and isolating malicious nodes in mobile edge computing platforms",
abstract = "The evolution of mobile devices into highly capable computing platforms that sense, store, and execute complex tasks is making them attractive candidates for edge computational micro-cloud settings. Such solutions are creating novel security challenges due to the increased push for more seamless computational cyber-foraging that leverages the exploding proliferation of mobile devices. A major concern is that security challenges stemming from these trends, are growing at a rate exceeding the evolution of security solutions. In this paper, we consider an environment in which computational offloading is performed among a set of mobile devices. We propose HoneyBot, a defense technique for device-to-device (d2d) malicious communication. While classical honeypots designed to isolate distributed denial of service (DDoS) botnet attacks fail to detect d2d insider attacks, HoneyBot nodes detect, track, and isolate such attacks. We propose and investigate detection and tracking algorithms that leverage insecure d2d infected communication channels to accurately and efficiently identify suspect malicious nodes and isolate them. Our data driven evaluation and analysis, based on 3 real world mobility traces, show that the number and placement of HoneyBot nodes (Hb) in the network considerably impact the tracking delay and the detection accuracy.",
keywords = "HoneyBots, MobiBots, Mobile d2d botnets, Mobile Networking Security",
author = "Abderrahmen Mtibaa and Harras, {Khaled A.} and Hussein Alnuweiri",
year = "2016",
month = "2",
day = "1",
doi = "10.1109/CloudCom.2015.40",
language = "English",
pages = "42--49",
booktitle = "Proceedings - IEEE 7th International Conference on Cloud Computing Technology and Science, CloudCom 2015",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - Friend or foe? Detecting and isolating malicious nodes in mobile edge computing platforms

AU - Mtibaa, Abderrahmen

AU - Harras, Khaled A.

AU - Alnuweiri, Hussein

PY - 2016/2/1

Y1 - 2016/2/1

N2 - The evolution of mobile devices into highly capable computing platforms that sense, store, and execute complex tasks is making them attractive candidates for edge computational micro-cloud settings. Such solutions are creating novel security challenges due to the increased push for more seamless computational cyber-foraging that leverages the exploding proliferation of mobile devices. A major concern is that security challenges stemming from these trends, are growing at a rate exceeding the evolution of security solutions. In this paper, we consider an environment in which computational offloading is performed among a set of mobile devices. We propose HoneyBot, a defense technique for device-to-device (d2d) malicious communication. While classical honeypots designed to isolate distributed denial of service (DDoS) botnet attacks fail to detect d2d insider attacks, HoneyBot nodes detect, track, and isolate such attacks. We propose and investigate detection and tracking algorithms that leverage insecure d2d infected communication channels to accurately and efficiently identify suspect malicious nodes and isolate them. Our data driven evaluation and analysis, based on 3 real world mobility traces, show that the number and placement of HoneyBot nodes (Hb) in the network considerably impact the tracking delay and the detection accuracy.

AB - The evolution of mobile devices into highly capable computing platforms that sense, store, and execute complex tasks is making them attractive candidates for edge computational micro-cloud settings. Such solutions are creating novel security challenges due to the increased push for more seamless computational cyber-foraging that leverages the exploding proliferation of mobile devices. A major concern is that security challenges stemming from these trends, are growing at a rate exceeding the evolution of security solutions. In this paper, we consider an environment in which computational offloading is performed among a set of mobile devices. We propose HoneyBot, a defense technique for device-to-device (d2d) malicious communication. While classical honeypots designed to isolate distributed denial of service (DDoS) botnet attacks fail to detect d2d insider attacks, HoneyBot nodes detect, track, and isolate such attacks. We propose and investigate detection and tracking algorithms that leverage insecure d2d infected communication channels to accurately and efficiently identify suspect malicious nodes and isolate them. Our data driven evaluation and analysis, based on 3 real world mobility traces, show that the number and placement of HoneyBot nodes (Hb) in the network considerably impact the tracking delay and the detection accuracy.

KW - HoneyBots

KW - MobiBots

KW - Mobile d2d botnets

KW - Mobile Networking Security

UR - http://www.scopus.com/inward/record.url?scp=84964336316&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84964336316&partnerID=8YFLogxK

U2 - 10.1109/CloudCom.2015.40

DO - 10.1109/CloudCom.2015.40

M3 - Conference contribution

SP - 42

EP - 49

BT - Proceedings - IEEE 7th International Conference on Cloud Computing Technology and Science, CloudCom 2015

PB - Institute of Electrical and Electronics Engineers Inc.

ER -