Publication Type:

Conference Proceedings

Source:

2019 5th International Conference on Advanced Computing and Communication Systems, ICACCS 2019, Institute of Electrical and Electronics Engineers Inc., p.655-660 (2019)

ISBN:

9781538695333

URL:

https://www2.scopus.com/inward/record.uri?eid=2-s2.0-85067921332&doi=10.1109%2fICACCS.2019.8728533&partnerID=40&md5=5457feacf4155dc8b2d3f98fd53f3c7f

Keywords:

Authentication, Client server computer systems, Constrained Application Protocol (CoAP), Denial of Service, Denial-of-service attack, Internet of things, Internet of Things (IOT), Internet protocols, Man in the middle attacks, Network architecture, Network security, Proxy, Transport layer security, User datagram protocol

Abstract:

Over the last decade, a technology called Internet of Things (IoT) has been evolving at a rapid pace. It enables the development of endless applications in view of availability of affordable components which provide smart ecosystems. The IoT devices are constrained devices which are connected to the internet and perform sensing tasks. Each device is identified by their unique address and also makes use of the Constrained Application Protocol (CoAP) as one of the main web transfer protocols. It is an application layer protocol which does not maintain secure channels to transfer information. For authentication and end-to-end security, Datagram Transport Layer Security (DTLS) is one of the possible approaches to boost the security aspect of CoAP, in addition to which there are many suggested ways to protect the transmission of sensitive information. CoAP uses DTLS as a secure protocol and UDP as a transfer protocol. Therefore, the attacks on UDP or DTLS could be assigned as a CoAP attack. An attack on DTLS could possibly be launched in a single session and a strong authentication mechanism is needed. Man-In-The-Middle attack is one the peak security issues in CoAP as cited by Request For Comments(RFC) 7252, which encompasses attacks like Sniffing, Spoofing, Denial of Service (DoS), Hijacking, Cross-Protocol attacks and other attacks including Replay attacks and Relay attacks.In this work, a client-server architecture is setup, whose end devices communicate using CoAP. Also, a proxy system was installed across the client side to launch an active interception between the client and the server. The work will further be enhanced to provide solutions to mitigate these attacks.

Notes:

cited By 0; Conference of 5th International Conference on Advanced Computing and Communication Systems, ICACCS 2019 ; Conference Date: 15 March 2019 Through 16 March 2019; Conference Code:148637

Cite this Research Publication

S. Arvind and Anantha Narayanan V., “An Overview of Security in CoAP: Attack and Analysis”, 2019 5th International Conference on Advanced Computing and Communication Systems, ICACCS 2019. Institute of Electrical and Electronics Engineers Inc., pp. 655-660, 2019.