Description
Date depot: 18 décembre 2023
Titre: Ensuring Availability of Internet-connected Constrained Wireless Networks
Directeur de thèse:
Paul MUHLETHALER (Inria-Paris (ED-130))
Encadrant :
Malisa VUCINIC (Inria-Paris (ED-130))
Domaine scientifique: Sciences et technologies de l'information et de la communication
Thématique CNRS : Systèmes et réseaux
Resumé: With the global reachability enabled by the IP connectivity, IoT devices are easy Denial-of-Service (DoS) targets. Ensuring service availability has many challenges with battery-powered or energy-harvested IoTdevices. Every packet forwarded into the constrained network has an impact on the resourceconsumption of network nodes. We will study techniques that will enable IoT gateways to filter out theundesired traffic before forwarding it into the IoT network and detect suspicious activity. Coarse-grained filtering with firewalls or VPNs alleviates but does not resolve the problem in the case ofinternal attackers or compromised hosts. Mechanisms based on state-of-the-art Internet technologieslike object security allow us to do much finer control over the traffic that is forwarded into the network.With the gateway in the same security domain as the IoT devices, we can inspect authorization (proof-of-possession) tokens and validate them cryptographically before forwarding the traffic into the network. We aim at enabling true end-to-end IP connectivity of IoT devices, while shielding them fromDoS attacks as if they were in a proprietary network. We will design and evaluate architectures and statefull packet filtering techniques. The IoT gateway will enforce the deployed security policies by cryptographically verifying the application traffic origin and itsdata authenticity
Doctorant.e: López Pérez Elsa