INTRODUCTION
Technology has become so pervasive and prevalent in society, it is now considered a necessity in our daily lives. With ubiquitous technology evolving and spreading throughout the world at a rapid pace, the Internet of Things has become the new computing paradigm that many companies and organizations are preparing for. However, having all devices connected to the Internet and sharing information poses numerous risks and challenges.
Privacy and security is now susceptible to many cyber-attacks and new security protocols are needed to protect all sensitive data. Malware being the forefront of many cyber-attacks pose the greatest threats to date. To prevent loss of data and infrastructure, it is necessary to understand the notion behind each malware attack and how they can be prevented. We present an ontology scheme which forms a three-tier model for studying malware attacks in the Internet of Things.
APPROACH AND FINDINGS
The three-tier ontology model consists of three separate ontologies:Internet of Things, cyber-attack and malware specifically, each of which possess specific concepts that share specific relationships with each other.The ontologies were implemented using the Protégé application, which was developed by Stanford University and made public for scientific study. The model was evaluated against the SherLock dataset which spansnearly every single kind of software and hardware sensor that can be sampled from a Samsung Galaxy S5 smartphone, without root privileges. The dataset contains over 600 billion data points in over 10 billion data records.
CONCLUSION
While the ontology model is subject to modification, it illustrates the behaviour of malware in the IoT framework and what can be done to prevent such attacks from happening. The overall aim is to use the developed ontology as a knowledge-base for a collaborative group of mobile agents whose tasks will revolve around detecting and preventing malware attacks in the Internet of Things.
REFERENCES
Akhter, Naheed, and Maruf Pasha. 2016. "Ontology based Intrusion Detection System in Wireless Sensor Network for Active Attacks." International Journal of Advanced Computer Science and Applications(IJACSA 36-44.
Angrishi, and Kishore. 2017. "Turning Internet of Things(IoT) into Internet of Vulnerabilities (IoV): IoT Botnets."
Mirsky, Yisroel, Asaf Shabtai, Lior Rokach, Bracha Shapira, and Yuval Elovici. 2016. "SherLock vs Moriarty: A Smartphone Dataset for Cybersecurity Research." Proceedings of the 2016 ACM Workshop on Artificial Intelligence and Security. Vienna: ACM. 1-12.
Simmonds, A, P Sandilands, and L van Ekert. 2004. "An Ontology for Network Security Attacks." Asian Applied Computing Conference (AACC) 2004. Kathmandu: Springer, Berlin, Heidelberg. 317-323.
van Heerden, R, P, B Irwin, I, D Burke, and L Leenen. 2012. "A Computer Network Attack Taxonomy and Ontology." International Journal of Cyber Warfare and Terrorism (IJCWT) 12-25