Year of selection 2019
Institution Universidad de Murcia
Risk New technologies
Smart homes, smart cities, smart buildings, smart agriculture, connected cars… An increasing number of the devices we use on an everyday basis are connected to the Internet. This emerging paradigm is known as the Internet of Things (IoT). These ubiquitous and heterogenous objects and machines, as they are deployed everywhere, are fast transforming our lives opening the door for virtually endless opportunities. The upcoming and highly anticipated fifth generation mobile networks, commonly known as 5G, are expected to greatly accelerate the rise of IoT. Its vast improvements over the current capabilities of 4G (such as high-speed connectivity and very low latency) will lay the foundations for the full realization of IoT’s true potential. However, as with most significant technological advances, these benefits come with risks, to users and network operators alike. “As the IoT expands, the number of cyber-threats and risks associated to IoT and 5G-IoT communications are increasing accordingly”, explains Dr. Jorge Bernal Bernabé, a postdoctoral researcher at the Universidad de Murcia (Spain) and the recipient of an AXA Fellowship for his proposal to develop innovative 5G-IoT cybersecurity solutions. His project, called Cyber-SecIoT, aims to improve the capabilities of detection, prevention and protection from 5G and IoT security threats by going beyond the current state of the art, looking into new algorithms, protocols and mechanisms.
As demonstrated by the 2016 cyber-attack caused by the Mirai botnet – a network of infected IoT devices –, which took down major websites including Twitter, the Guardian, Netflix, CNN and many others in Europe and the US, the expansion of IoT comes with new and more numerous cyber threats. “IoT environments suffer additional vulnerabilities due to their constrained capabilities, their unexpected nature, their pervasive and dynamic network environment”, reports Dr. Bernal Bernabé. Using these vulnerabilities, cyber attackers are continuously improving their techniques to come up with sophisticated attacks against IoT scenarios, such as Distributed Denial of Service (DDoS) attacks against organizations and citizens. To put it simply, these cyber-attacks consist in saturating an online service with traffic from multiple sources. As was the case with the Mirai attack, these sources can be smart connected devices ranging from mobile phones to computers, home thermostats, etc. Because IoT devices often do not have strong security features, hackers can easily harness them to form a “botnet” (interconnected network of computers infected with malware). And this is just the tip of the iceberg.
Cyber-SecIoT: a holistic and cognitive cybersecurity framework
To help corporations and small and medium-sized enterprises (SMEs) deal with these unprecedented threats, Dr. Bernal Bernabé is developing a holistic cybersecurity framework which will deal with the full cycle of cybersecurity management, encompassing network/system and risk monitoring, threat data analysis and detection, risk assessment, and threat intelligent data sharing, as well as cybersecurity decision support to find out optimal remediation actions against cyberattacks. “Different novel techniques will be investigated, integrated and evaluated in diverse disruptive, “softwarized” and virtualized scenarios based on 5G-IoT networks and systems”. The project will leverage artificial intelligence to differentiate normal and abnormal system behaviors and detect cyber-attacks and threats. Once developed and validated the results of the Cyber-SecIoT project will be disseminated as widely as possible and the software generated during the project will be available in open access.
The novel cybersecurity solutions aimed at by the project will be valuable for SMEs, and organizations such as insurance companies, to meet the fast approaching challenges ahead.