Cargando…
Improving Security of Web Servers in Critical IoT Systems through Self-Monitoring of Vulnerabilities
IoT (Internet of Things) systems are complex ones that may comprise large numbers of sensing and actuating devices; and servers that store data and further configure the operation of such devices. Usually, these systems involve real-time operation as they are closely bound to particular physical pro...
Autores principales: | , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
MDPI
2022
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9269696/ https://www.ncbi.nlm.nih.gov/pubmed/35808499 http://dx.doi.org/10.3390/s22135004 |
_version_ | 1784744284072706048 |
---|---|
author | Song, Linxuan García-Valls, Marisol |
author_facet | Song, Linxuan García-Valls, Marisol |
author_sort | Song, Linxuan |
collection | PubMed |
description | IoT (Internet of Things) systems are complex ones that may comprise large numbers of sensing and actuating devices; and servers that store data and further configure the operation of such devices. Usually, these systems involve real-time operation as they are closely bound to particular physical processes. This real-time operation is often threatened by the security solutions that are put in place to alleviate the ever growing attack surface in IoT. This paper focuses on critical IoT domains where less attention has been paid to the web security aspects. The main reason is that, up to quite recently, web technologies have been considered unreliable and had to be avoided by design in critical systems. In this work, we focus on the server side and on how attacks propagate from server to client as vulnerabilities and from client to unprotected servers; we describe the concerns and vulnerabilities introduced by the intensive usage of web interfaces in IoT from the server templating engines perspective. In this context, we propose an approach to perform self monitoring on the server side, propagating the self monitoring to the IoT system devices; the aim is to provide rapid detection of security vulnerabilities with a low overhead that is transparent to the server normal operation. This approach improves the control over the vulnerability detection. We show a set of experiments that validate the feasibility of our approach. |
format | Online Article Text |
id | pubmed-9269696 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2022 |
publisher | MDPI |
record_format | MEDLINE/PubMed |
spelling | pubmed-92696962022-07-09 Improving Security of Web Servers in Critical IoT Systems through Self-Monitoring of Vulnerabilities Song, Linxuan García-Valls, Marisol Sensors (Basel) Article IoT (Internet of Things) systems are complex ones that may comprise large numbers of sensing and actuating devices; and servers that store data and further configure the operation of such devices. Usually, these systems involve real-time operation as they are closely bound to particular physical processes. This real-time operation is often threatened by the security solutions that are put in place to alleviate the ever growing attack surface in IoT. This paper focuses on critical IoT domains where less attention has been paid to the web security aspects. The main reason is that, up to quite recently, web technologies have been considered unreliable and had to be avoided by design in critical systems. In this work, we focus on the server side and on how attacks propagate from server to client as vulnerabilities and from client to unprotected servers; we describe the concerns and vulnerabilities introduced by the intensive usage of web interfaces in IoT from the server templating engines perspective. In this context, we propose an approach to perform self monitoring on the server side, propagating the self monitoring to the IoT system devices; the aim is to provide rapid detection of security vulnerabilities with a low overhead that is transparent to the server normal operation. This approach improves the control over the vulnerability detection. We show a set of experiments that validate the feasibility of our approach. MDPI 2022-07-02 /pmc/articles/PMC9269696/ /pubmed/35808499 http://dx.doi.org/10.3390/s22135004 Text en © 2022 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
spellingShingle | Article Song, Linxuan García-Valls, Marisol Improving Security of Web Servers in Critical IoT Systems through Self-Monitoring of Vulnerabilities |
title | Improving Security of Web Servers in Critical IoT Systems through Self-Monitoring of Vulnerabilities |
title_full | Improving Security of Web Servers in Critical IoT Systems through Self-Monitoring of Vulnerabilities |
title_fullStr | Improving Security of Web Servers in Critical IoT Systems through Self-Monitoring of Vulnerabilities |
title_full_unstemmed | Improving Security of Web Servers in Critical IoT Systems through Self-Monitoring of Vulnerabilities |
title_short | Improving Security of Web Servers in Critical IoT Systems through Self-Monitoring of Vulnerabilities |
title_sort | improving security of web servers in critical iot systems through self-monitoring of vulnerabilities |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9269696/ https://www.ncbi.nlm.nih.gov/pubmed/35808499 http://dx.doi.org/10.3390/s22135004 |
work_keys_str_mv | AT songlinxuan improvingsecurityofwebserversincriticaliotsystemsthroughselfmonitoringofvulnerabilities AT garciavallsmarisol improvingsecurityofwebserversincriticaliotsystemsthroughselfmonitoringofvulnerabilities |