Search

Your search keyword '"Metongnon, Lionel"' showing total 14 results
Start Over Author "Metongnon, Lionel"
14 results on '"Metongnon, Lionel"'

1. Reputation Rating Algorithm for BGP Links

Author

Arouna, Hospice Alfred, Metongnon, Lionel, Lobelle, Marc, Akan, Ozgur, Series Editor, Bellavista, Paolo, Series Editor, Cao, Jiannong, Series Editor, Coulson, Geoffrey, Series Editor, Dressler, Falko, Series Editor, Ferrari, Domenico, Series Editor, Gerla, Mario, Series Editor, Kobayashi, Hisashi, Series Editor, Palazzo, Sergio, Series Editor, Sahni, Sartaj, Series Editor, Shen, Xuemin (Sherman), Series Editor, Stan, Mircea, Series Editor, Xiaohua, Jia, Series Editor, Zomaya, Albert Y., Series Editor, Odumuyiwa, Victor, editor, Adegboyega, Ojo, editor, and Uwadia, Charles, editor

Published
2018
Full Text
View/download PDF

2. OPENPOSLIB: A library to achieve centimetric geo-spatial positioning on a budget

Author

UCL - SST/ICTM/INGI - Pôle en ingénierie informatique, Metongnon, Lionel, Strebelle, Sébastien, Duchêne, Fabien, Legay, Axel, Sadre, Ramin, UCL - SST/ICTM/INGI - Pôle en ingénierie informatique, Metongnon, Lionel, Strebelle, Sébastien, Duchêne, Fabien, Legay, Axel, and Sadre, Ramin

Abstract

Positioning systems can be found everywhere, from the navigation system of a car to the smart watch that tracks the running performances of its wearer. With the generalization of positioning systems, new use cases have begun to emerge that require or could benefit from increased accuracy. While the technology has been detailed in the literature for several years, the deployment of positioning techniques at the centimeter level has proved challenging. In this paper we propose OpenPosLib, an open source library that aims to fill the gap between all the components needed to achieve a centimetric accuracy and the user-facing application. Our objective is to remove most of the complexity needed to obtain centimetric accuracy from the developer so as to enable end-users to reap the benefits of more applications that leverage centimetric accuracy. Our results show that when coupled with inexpensive hardware, OpenPosLib enables users to get centimetric precision on a budget.

Published
2021

3. Distributed attacks detection and mitigation for the Internet of Things

Author

Metongnon, Lionel, UCL - SST/ICTM/INGI - Pôle en ingénierie informatique, UCL - Ecole Polytechnique de Louvain, Pêcheur, Charles, Bonaventure, Olivier, Sperroto, Anna, Quoitin, Bruno, Ezin, Eugene, and Sadre, Ramin

Subjects
Internet of Things, Network security, Middleboxes
Abstract

The term Internet of Things (IoT) refers to the increasing number of devices that are connected to communication networks and are able to exchange data autonomously. The proliferation of such devices of various types (refrigerator, sensor, television, camera, etc.) with permanent access to the Internet has led to new security problems. In fact, their large number and the lack of state-of-the-art protection mechanisms have made IoT devices interesting targets of cyber-attacks. An early example was the Mirai malware that infected poorly protected IoT devices and misused them for powerful attacks against other Internet hosts. In order to understand the nature of attacks related to the Internet of Things, the thesis starts with a study of the current IoT threat landscape. To this end, we have collected and studied data from a network telescope and various honeypots for IoT-specific application protocols. Our analysis has shown that although most attackers still target the unsecured telnet protocol, attempts against newer IoT protocols can be also observed. To help network operators to discover IoT devices in their networks, we have developed a new scan algorithm tailored to resource-constrained networks. We have shown that our approach reduces the time required to scan an IPv6 network by more than 35%, while maintaining a discovery rate of more than 95%. Finally, we have developed an intrusion detection and protection system in the form of a distributed architecture that detects abnormal behaviour and limits machine-to-machine communication according to policies defined by the device owners. In particular, our solution enables to stop attacks at their sources thanks to a hierarchical organization of inter-connected middleboxes. Traditional Internet services such as web servers are also protected against attacks originating from the monitored IoT devices. Le terme "Internet des objets" (IoT) fait référence aux nombres croissants d’appareils connectés à des réseaux de communication et capables d’échanger des informations de manière autonome. La prolifération de ces appareils de divers types (réfrigérateur, capteur, télévision, caméra, etc.) ayant en prime l’accès à l’internet a entraîné de nouveaux problèmes de sécurité. En effet, vu leur grand nombre couplée à l’absence de mécanismes de protection, ces appareils connectés sont devenus la cible favorite pour les cyber-attaques. Un exemple récent est le malware Mirai qui a infecté beaucoup appareils connectés mal protégés et les a utilisés pour commettre de puissantes attaques contre d’autres hôtes sur Internet. Afin de comprendre la nature des attaques liées à l’internet des objets, nous avons commencé notre thèse par une étude des menaces actuelles liées aux appareils connectés. Nous avons à cette fin recueilli et étudié les données d’un télescope rśeau couplé à divers honeypots utilisant des protocoles applications spécifiques aux IoT. Notre analyse a montré que malgré que les attaquants ciblent encore en majorité le protocole non sécurisé telnet, des tentatives contre les nouveaux protocoles de l’IoT sont tout de même présentes. Dans le but d’aider les opérateurs de réseau à découvrir les appareils connectés dans leurs réseaux, nous avons ensuite mis au point un nouvel algorithme d’analyse adapté aux réseaux à ressources limitées. Nous avons montré que notre approche réduit de plus de 35% le temps nécessaire pour l’analyse d’un réseau IPv6, tout en maintenant un taux de découverte de plus de 95% des appareils présents. Enfin, nous avons développé un système de détection et de protection contre les intrusions sous la forme d’architecture distribuée de middleboxes qui détecte les comportements anormaux et qui limite les communications de machine à machine selon des politiques prédéfinies par les propriétaires d’appareils connectés. Notre solution permet notamment de stopper les attaques depuis leurs sources grâce à une organisation hiérarchique de middleboxes. Notre système permet également de protéger les services Internet traditionnels, tels que les serveurs web contre les attaques provenant des appareils connectés surveillés. (FSA - Sciences de l'ingénieur) -- UCL, 2020

Published
2020

5. Prevalence of IoT Protocols in Telescope and Honeypot Measurements

Author

UCL - SST/ICTM/INGI - Pôle en ingénierie informatique, Metongnon, Lionel, Sadre, Ramin, UCL - SST/ICTM/INGI - Pôle en ingénierie informatique, Metongnon, Lionel, and Sadre, Ramin

Abstract

With the arrival of the Internet of Things (IoT), more devices appear online with default credentials or lacking proper security protocols. Consequently, we have seen a rise of powerful DDoS attacks originating from IoT devices in the last years. In most cases the devices were infected by bot malware through the telnet protocol. This has lead to several honeypot studies on telnet-based attacks. However, IoT installations also involve other protocols, for example for Machine-to-Machine communication. Those protocols often provide by default only little security. In this paper, we present a measurement study on attacks against or based on those protocols. To this end, we use data obtained from a /15 network telescope and three honey-pots with 15 IPv4 addresses. We find that telnet-based malware is still widely used and that infected devices are employed not only for DDoS attacks but also for crypto-currency mining. We also see, although at a much lesser frequency, that attackers are looking for IoT-specific services using MQTT, CoAP, UPnP, and HNAP, and that they target vulnerabilities of routers and cameras with HTTP.

Published
2019

6. Distributed Middlebox Architecture for IoT Protection

Author

UCL - SST/ICTM/INGI - Pôle en ingénierie informatique, Metongnon, Lionel, Sadre, Ramin, Ezin, Eugene C., 2019 15th International Conference on Network and Service Management (CNSM), UCL - SST/ICTM/INGI - Pôle en ingénierie informatique, Metongnon, Lionel, Sadre, Ramin, Ezin, Eugene C., and 2019 15th International Conference on Network and Service Management (CNSM)

Abstract

The Internet of Things (IoT) is not one single entity, but a collection of different devices, communication technologies, protocols and services. IoT systems can span a large number of individually managed networks that are interconnected through the Internet and host the different components of an IoT application, such as sensor devices, storage servers and data processing services. Protecting such a complex multiparty system from abuse becomes a very challenging task. New difficulties arise everyday when policies are updated or new collaborations and federations appear between entities. Moreover, hacked IoT devices can also become the source of powerful attacks, as the Mirai malware has demonstrated, and therefore a danger for the other involved parties. In this paper, we propose an approach to improve the management and protection of collaborating IoT systems using distributed intrusion detection and permission-based access control. Our approach is based on interconnected middleboxes that monitor the communication between the various IoT networks and are able to stop incoming as well as outgoing attacks. We evaluate our approach through experiments with different types of attacks.

Published
2019

9. Beyond Telnet: Prevalence of IoT Protocols in Telescope and Honeypot Measurements

Author

UCL - SST/ICTM/INGI - Pôle en ingénierie informatique, Metongnon, Lionel, Sadre, Ramin, ACM SIGCOMM 2018 Workshop on Traffic Measurements for Cybersecurity (WTMC 2018), UCL - SST/ICTM/INGI - Pôle en ingénierie informatique, Metongnon, Lionel, Sadre, Ramin, and ACM SIGCOMM 2018 Workshop on Traffic Measurements for Cybersecurity (WTMC 2018)

Abstract

With the arrival of the Internet of Things (IoT), more devices appear online with default credentials or lacking proper security protocols. Consequently, we have seen a rise of powerful DDoS attacks originating from IoT devices in the last years. In most cases the devices were infected by bot malware through the telnet protocol. This has lead to several honeypot studies on telnet-based attacks. However, IoT installations also involve other protocols, for example for Machine-to-Machine communication. Those protocols often provide by default only little security. In this paper, we present a measurement study on attacks against or based on those protocols. To this end, we use data obtained from a /15 network telescope and three honey-pots with 15 IPv4 addresses. We find that telnet-based malware is still widely used and that infected devices are employed not only for DDoS attacks but also for crypto-currency mining. We also see, although at a much lesser frequency, that attackers are looking for IoT-specific services using MQTT, CoAP, UPnP, and HNAP, and that they target vulnerabilities of routers and cameras with HTTP.

Published
2018

10. Efficient probing of heterogeneous IoT networks

Author

Metongnon, Lionel, Ezin, Eugene C., Sadre, Ramin, 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), and UCL - SST/ICTM/INGI - Pôle en ingénierie informatique

Subjects
IoT, network technology, Computer science, Network security, heterogeneous IoT networks, Internet of Things, network scan, Context (language use), 02 engineering and technology, Network scans, Bandwidth, computer network security, hardware heterogeneity, Server, network security, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), IEEE 802.11 Standard, Fingerprinting, interconnectivity, complex security protocols, 6LoWPAN, personal area networks, Internet, business.industry, Bandwidth (signal processing), software heterogeneity, 020206 networking & telecommunications, Cryptographic protocol, active network measurements, IEEE 802.15 Standard, Security, intrusion protection system, Probes, 020201 artificial intelligence & image processing, The Internet, IoT devices, business, Active networking, Computer network
Abstract

The Internet of Things leads to the inter-connectivity of a wide range of devices. This heterogeneity of hardware and software poses significant challenges to security. Constrained IoT devices often do not have enough resources to carry the overhead of an intrusion protection system or complex security protocols. A typical initial step in network security is a network scan in order to find vulnerable nodes. In the context of IoT, the initiator of the scan can be particularly interested in finding constrained devices, assuming that they are easier targets. In IoT networks hosting devices of various types, performing a scan with a high discovery rate can be a challenging task, since low-power networks such as IEEE 802.15.4 are easily overloaded. In this paper, we propose an approach to increase the efficiency of network scans by combining them with active network measurements. The measurements allow the scanner to differentiate IoT nodes by the used network technology. We show that the knowledge gained from this differentiation can be used to control the scan strategy in order to reduce probe losses.

Published
2017

11. Efficient probing of heterogeneous IoT networks

Author

UCL - SST/ICTM/INGI - Pôle en ingénierie informatique, Metongnon, Lionel, Ezin, Eugene C., Sadre, Ramin, 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), UCL - SST/ICTM/INGI - Pôle en ingénierie informatique, Metongnon, Lionel, Ezin, Eugene C., Sadre, Ramin, and 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)

Abstract

The Internet of Things leads to the inter-connectivity of a wide range of devices. This heterogeneity of hardware and software poses significant challenges to security. Constrained IoT devices often do not have enough resources to carry the overhead of an intrusion protection system or complex security protocols. A typical initial step in network security is a network scan in order to find vulnerable nodes. In the context of IoT, the initiator of the scan can be particularly interested in finding constrained devices, assuming that they are easier targets. In IoT networks hosting devices of various types, performing a scan with a high discovery rate can be a challenging task, since low-power networks such as IEEE 802.15.4 are easily overloaded. In this paper, we propose an approach to increase the efficiency of network scans by combining them with active network measurements. The measurements allow the scanner to differentiate IoT nodes by the used network technology. We show that the knowledge gained from this differentiation can be used to control the scan strategy in order to reduce probe losses.

Published
2017

12. Fast and efficient probing of heterogeneous IoT networks

Author

UCL - SST/ICTM/INGI - Pôle en ingénierie informatique, Metongnon, Lionel, Sadre, Ramin, UCL - SST/ICTM/INGI - Pôle en ingénierie informatique, Metongnon, Lionel, and Sadre, Ramin

Abstract

The Internet of Things (IoT) leads to the interconnectivity of a wide range of device types running an equally wide range of operating systems and applications. This heterogeneity of hardware and software poses significant challenges to security. Constrained IoT devices often do not have enough resources to carry the overhead of an intrusion protection system or complex security protocols. Furthermore, they are often not properly managed and updated. Network scans are a valuable tool to discover vulnerable devices. In the context of IoT, the initiator of the scan can be particularly interested in finding constrained devices, assuming that they are easier targets for attacks. However, in IoT networks hosting devices of various types, performing a scan with a high discovery rate can be a challenging task, since a scan working well for, eg, a WiFi network might easily overload a low-power network such as IEEE 802.15.4. In this paper, we propose an approach to increase the efficiency of network scans in heterogeneous environments by combining them with active round-trip time measurements. The measurements allow the scanner to differentiate IoT nodes by the used network technology. Using the knowledge gained from this differentiation, our approach adapts the scan strategy to reduce probe losses, and hence the speed and efficiency of the scan. We validate our approach through simulations of a mixed IoT infrastructure consisting of WiFi and multihop IEEE 802.15.4 subnetworks.

Published
2017

14. Fast and efficient probing of heterogeneous IoT networks.

Author

Metongnon, Lionel and Sadre, Ramin

Subjects
COMPUTER operating systems, INTERNET of things, COMPUTER network protocols, COMPUTER security, WIRELESS LANs
Abstract

The Internet of Things (IoT) leads to the interconnectivity of a wide range of device types running an equally wide range of operating systems and applications. This heterogeneity of hardware and software poses significant challenges to security. Constrained IoT devices often do not have enough resources to carry the overhead of an intrusion protection system or complex security protocols. Furthermore, they are often not properly managed and updated. Network scans are a valuable tool to discover vulnerable devices. In the context of IoT, the initiator of the scan can be particularly interested in finding constrained devices, assuming that they are easier targets for attacks. However, in IoT networks hosting devices of various types, performing a scan with a high discovery rate can be a challenging task, since a scan working well for, eg, a WiFi network might easily overload a low-power network such as IEEE 802.15.4. In this paper,we propose an approach to increase the efficiency of network scans in heterogeneous environments by combining them with active round-trip time measurements. The measurements allow the scanner to differentiate IoT nodes by the used network technology.Using the knowledge gained from this differentiation, our approach adapts the scan strategy to reduce probe losses, and hence the speed and efficiency of the scan. We validate our approach through simulations of a mixed IoT infrastructure consisting of WiFi and multihop IEEE 802.15.4 subnetworks. [ABSTRACT FROM AUTHOR]

Published
2018
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results