Mobile Security Operation Centre (mSOC)
DOI: https://doi.org/10.4108/eetiot.4586
Keywords: Internet, NIDS, IoT, NGFW, Raspberry Pi, SIEM
Abstract
Attacks on the internet are becoming increasingly threatening. For naïve home users, who are poorly protected, there is always an imminent danger of getting cyber attacked.
This paper aims to design and build an IoT-based network security device that runs as an access point through which users connect to the Internet in a home setting. The paper discusses a standalone perimeter security solution with Incident Response (IR) life cycle management and controls through an IoT device, the Raspberry Pi. Enterprise-level features such as Next Generation Firewall (NGFW), Network Intrusion Detection System (NIDS), Domain Control for Ad/Spam blocking, Security Information and Event Management (SIEM) for Log Co-ran System on Chip (SoC), which can be installed anywhere and carried for mobile operations. Hence the name, Mobile Security Operation Centre (mSOC).
This solution is intended to protect users while they browse the internet by blocking, or providing visibility into, malicious connections made to or from them. The mSOC can filter domains based on a whitelist/blacklist and regex patterns, and can identify which domains are blocked or allowed. It also provides visibility into traffic, application statistics, and IP reputation. IP reputation and malicious domains can then act as input to iptables for L3/L4 blocking. A software user interface is developed to integrate and manage multiple open-source applications such as dnsmasq, ELK, Graylog, SQLite3, iptables and AdminLTE as a single product that could serve as a complete security solution for a home or Small Medium Business (SMB). Thus, the proposed solution secures naïve users from security exploitations.
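The two filtering stages the abstract describes (domain allow/block decisions, then reputation data feeding iptables) can be sketched as follows. This is an added example, not code from the paper: the list contents, the whitelist-first precedence, the score threshold (higher meaning worse) and the `MSOC_BLOCK` chain name are all assumptions.

```python
import ipaddress
import re

# Constructed sample policy; every name and value here is hypothetical.
WHITELIST = {"updates.example.org"}
BLACKLIST = {"ads.example.net"}
REGEX_BLOCK = [re.compile(r"(^|\.)track(er|ing)?\d*\."), re.compile(r"^ad[sx]?\d*\.")]
# Local ranges that must never be dropped, whatever a reputation feed says.
PROTECTED = [ipaddress.ip_network(n) for n in
             ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def classify_domain(name):
    """Return (verdict, reason); assumed precedence: whitelist, blacklist, regex."""
    name = name.rstrip(".").lower()
    labels = name.split(".")
    # A listed domain also covers its subdomains, so test every parent suffix.
    suffixes = {".".join(labels[i:]) for i in range(len(labels))}
    if suffixes & WHITELIST:
        return ("allow", "whitelist")
    if suffixes & BLACKLIST:
        return ("block", "blacklist")
    for rx in REGEX_BLOCK:
        if rx.search(name):
            return ("block", "regex")
    return ("allow", "default")


def iptables_rules(ip_scores, threshold=80, chain="MSOC_BLOCK"):
    """Turn {ip: reputation score} into DROP rules (assumed: higher score is worse)."""
    rules = []
    for raw, score in sorted(ip_scores.items()):
        try:
            ip = ipaddress.ip_address(raw)
        except ValueError:
            continue  # feed entries that are not addresses never reach a command line
        if score < threshold or any(ip in net for net in PROTECTED):
            continue
        tool = "iptables" if ip.version == 4 else "ip6tables"
        rules += [f"{tool} -A {chain} -s {ip} -j DROP",
                  f"{tool} -A {chain} -d {ip} -j DROP"]
    return rules


if __name__ == "__main__":
    feed = {"203.0.113.7": 95, "198.51.100.9": 40, "192.168.1.10": 99,
            "not-an-ip; reboot": 100, "2001:db8::5": 90}  # constructed feed
    for d in ("tracking.updates.example.org", "cdn.ads.example.net", "www.example.com"):
        print(d, classify_domain(d))
    print("\n".join(iptables_rules(feed)))
```

Validating each feed entry with `ipaddress` before it is formatted into a rule, and exempting the local ranges, keeps a poisoned or malformed reputation feed from cutting off the home network or injecting text into a command.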
License
Copyright (c) 2023 EAI Endorsed Transactions on Internet of Things
This work is licensed under a Creative Commons Attribution 3.0 Unported License.
This is an open-access article distributed under the terms of the Creative Commons Attribution CC BY 3.0 license, which permits unlimited use, distribution, and reproduction in any medium so long as the original work is properly cited.