Table of Contents Author Guidelines Submit a Manuscript
Wireless Communications and Mobile Computing
Volume 2018, Article ID 3029638, 18 pages
https://doi.org/10.1155/2018/3029638
Research Article

Shielding IoT against Cyber-Attacks: An Event-Based Approach Using SIEM

1Computer Science Faculty, Colombian School of Engineering Julio Garavito, Colombia
2Department of Information and Communications Engineering, University of Murcia, Spain

Correspondence should be addressed to Daniel Díaz López; oc.ude.gnialeucse@zaid.leinad

Received 28 May 2018; Revised 10 September 2018; Accepted 4 October 2018; Published 25 October 2018

Guest Editor: Constantinos Kolias

Copyright © 2018 Daniel Díaz López et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Abstract

Due to the growth of IoT (Internet of Things) devices in different industries and markets in recent years and considering the currently insufficient protection for these devices, a security solution safeguarding IoT architectures are highly desirable. An interesting perspective for the development of security solutions is the use of an event management approach, knowing that an event may become an incident when an information asset is affected under certain circumstances. The paper at hand proposes a security solution based on the management of security events within IoT scenarios in order to accurately identify suspicious activities. To this end, different vulnerabilities found in IoT devices are described, as well as unique features that make these devices an appealing target for attacks. Finally, three IoT attack scenarios are presented, describing exploited vulnerabilities, security events generated by the attack, and accurate responses that could be launched to help decreasing the impact of the attack on IoT devices. Our analysis demonstrates that the proposed approach is suitable for protecting the IoT ecosystem, giving an adequate protection level to the IoT devices.