LIGHTWEIGHT AND REALTIME SECURITY TOOL FOR THE IOMT RANSOMWARE DETECTION

BOOTH NO : H2


Category : Information Communication Technology & Multimedia

Cloud-based applications are characterized by high latency, privacy concerns, and a centralized approach, making them unsuitable for ransomware detection in IoMT systems. Furthermore, any delay in reporting an attack, or in acting upon the report, raises the likelihood that threats such as ransomware attacks spread. As a result, fog-based detection seems to be the perfect fit for IoMT ransomware detection, as it reduces latency and provides a moderate amount of memory and processing resources.
1) Current ransomware attacks spread quickly without a medium. Therefore, they reach important target files, such as databases, on fog devices in the fog-oriented medical IoT.
2) There is no security tool for ransomware attack detection at the network of the fog IoMT; hence there is a need to build a tool for hybrid ransomware attack detection and classification for the devices and network at the fog layer.
In Malaysia, there are not enough security tools that organizations can use. Additionally, the tool is intelligent, lightweight, and real-time, which overcomes the current challenges of all-in-one security products on the market.
Testbed system development: In this step the objective is to build a testbed that represents an IoMT system and infect it with multiple ransomware samples to generate a dataset.
Our proposed IoMT system is composed of three layers: (a) sensors and actuators at the edge layer; (b) smart gateways, routers, and lightweight servers at the fog layer; (c) massive servers at the cloud layer.
LARRA development: In this step the second objective is achieved, which is to build the tool and test it on the testbed built in the first step.
This can be done by choosing less complex classification and detection methods and reducing the feature set of the datasets.
Therefore, the outcome of this step should be a real-time detection and classification system that is also lightweight enough for fog devices.
The tool requires only very cheap devices for installation.
It does not need much memory or CPU resources to achieve its objectives.
The tool is all-in-one software that can be installed on stand-alone devices or on network equipment such as smart edge devices and even IoT devices.
There are some over-the-counter security tools and anti-malware products based in developed countries. However, there is no such tool available in Malaysia.
The current solutions are too heavy for fog devices, and they cannot detect multiple types of attacks. Most of the current solutions are cloud-based, which makes them delay-prone and not privacy-preserving.
Snort by Cisco, Suricata by The Open Information Security Foundation (OISF), Zeek by International Computer Science Institute (ICSI) in Berkeley, CA. ICSI is a 501
ALI BIN SELAMAT, MALAYSIA-JAPAN INTERNATIONAL INSTITUTE OF TECHNOLOGY
SHILAN SAMEEN HAMEED ALJAF, MALAYSIA-JAPAN INTERNATIONAL INSTITUTE OF TECHNOLOGY