Anais do 32º Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos – SBRC 2014

Siot – Defendendo a Internet das Coisas contra Exploits
Fernando A. Teixeira1 , Fernando Pereira1 , Gustavo Vieira1 , Pablo Marcondes1 ,
Hao Chi Wong2 , Jos´e Marcos S. Nogueira1 , Leonardo B. Oliveira1
1

Universidade Federal de Minas Gerais (UFMG) – Belo Horizonte, MG, Brazil
{fateixeira,fernando,gvieira,pablom,jmarcos,leob}@dcc.ufmg.br

Intel Corporation – Santa Clara, CA hao-chi.wong@intel.com Abstract. The Internet of Things (IoT) demands tailor-made security solutions.
Today, there are a number of proposals able to meet IoT’s demands in the context of attacks from outsiders. In the context of insiders, however, this does not hold true. Existing solutions to deal with this class of attacks not always take into consideration the IoT’s idiosyncrasies and, therefore, they do not produce the best results. This work aims at coming up with tailor-made security schemes for thwarting attacks from insiders in the context of IoT systems. Our solution,
SIoT, makes use of a pioneering solution to pinpoint vulnerabilities: we crosscheck data from communicating nodes. SIoT provides the same guarantees as traditional security mechanisms, but it is about 83% more efficient, according to the experiments that this article describes.
Resumo. A Internet das Coisas (IoT – Internet of Things) requer soluc¸o˜ es de seguranc¸a feitas sob medida. Embora haja propostas que tratem ataques externos de forma satisfat´oria, o mesmo n˜ao ocorre para ataques internos. Sobre esses u´ ltimos, as propostas existentes nem sempre consideram as caracter´ısticas de IoT e, portanto, n˜ao lhes s˜ao adequadas. O objetivo deste trabalho e´ conceber uma soluc¸a˜ o para proteger sistemas de IoT contra ataques internos. Nossa soluc¸a˜ o, SIoT, emprega uma abordagem pioneira na busca de vulnerabilidades: o cruzamento de dados de diferentes n´os da rede. SIoT provˆe as mesmas garantias que mecanismos de