NDSS DISS 2020

UIDS: Unikernel-based Intrusion Detection System for the Internet of Things

Abstract: The advent of the Internet of Things promises to interconnect all types of devices, including the most common electrical appliances such as ovens and light bulbs. One of the greatest risks of the uncontrolled proliferation of resource-constrained devices lies in the security and privacy implications. Due to the high competitiveness of the field, most manufacturers' top priority is getting their product into the market quickly, rather than taking the necessary steps to build security in from the start. Moreover, standard security tools are tailored to server-class machines and are not directly applicable in the IoT domain. To address these problems, we propose a lightweight, signature-based intrusion detection system for IoT that can run on resource-constrained devices. Our prototype is based on the IncludeOS unikernel, ensuring low resource utilization, high modularity, and a minimalist code surface. In particular, we evaluate the performance of our solution on x86 and ARM devices and compare it against Snort, a widely known network intrusion detection system. The experimental results show that our prototype effectively detects all attack patterns while using up to 2-3x less CPU and 8x less RAM than our baseline.

BibTeX:
@INPROCEEDINGS{Cozzolino:DISS2020,
  author={Cozzolino, Vittorio and Schwellnus, Nikolai and Ott, Joerg and Ding, Aaron Yi},
  booktitle={NDSS Workshop on Decentralized IoT Systems and Security (DISS) 2020},
  title={UIDS: Unikernel-based Intrusion Detection System for the Internet of Things},
  year={2020},
}

How to cite:
Vittorio Cozzolino, Nikolai Schwellnus, Joerg Ott, Aaron Yi Ding. 2020. "UIDS: Unikernel-based Intrusion Detection System for the Internet of Things", In Proceedings of NDSS Workshop on Decentralized IoT Systems and Security (DISS) 2020.