Design the IoT Botnet Defense Process for Cybersecurity in Smart City

The smart city comprises various infrastructures, including healthcare, transportation, manufacturing, and energy. A smart city’s Internet of Things (IoT) environment constitutes a massive IoT environment encompassing numerous devices. As many devices are installed, managing security for the entire IoT device ecosystem becomes challenging, and attack vectors accessible to attackers increase. However, these devices often have low power and specifications, lacking the same security features as general Information Technology (IT) systems, making them susceptible to cyberattacks. This vulnerability is particularly concerning in smart cities, where IoT devices are connected to essential support systems such as healthcare and transportation. Disruptions can lead to significant human and property damage. One representative attack that exploits IoT device vulnerabilities is the Distributed Denial of Service (DDoS) attack by forming an IoT botnet. In a smart city environment, the formation of IoT botnets can lead to extensive denial-of-service attacks, compromising the availability of services rendered by the city. Moreover, the same IoT devices are typically employed across various infrastructures within a smart city, making them potentially vulnerable to similar attacks. This paper addresses this problem by designing a defense process to effectively respond to IoT botnet attacks in smart city environments. The proposed defense process leverages the defense techniques of the MITRE D3FEND framework to mitigate the propagation of IoT botnets and support rapid and integrated decision-making by security personnel, enabling an immediate response.

Перевод пока недоступен