Читать книгу Service Level Management in Emerging Environments - Nader Mbarek - Страница 34

In accordance with recommendations made by the GSMA (Global System for Mobile Communications Association), a commercial organization that represents the interest of 800 mobile operators around the world, availability was brought to the fore, while indicating that nodes must be capable of continuous communication with each other, with users and with back-end services (GSMA 2016). The European iCore project ((Internet Connected Objects for Reconfigurable Ecosystem) (Menoret 2012), funded by FP7 (October 2011–October 2014), defines the security requirements that must be taken into consideration in a framework concerning the IoT. The framework, called the “Open Cognitive framework” takes into account three levels: Virtual Objects (VO), which offers a virtual representation of objects; Composite Virtual Objects (CVO), which represents the fusions of several VOs; and the user level. This framework makes it possible to ensure that objects are re-used in these services, thus allowing a certain redundancy in order to improve availability. Similarly, the fusion of some VO through the CVOs ensures better availability. A semantic description of object capabilities allows this reutilization. The iCore project also puts forth recommendations to be respected in different practical use cases in the IoT. Thus, the report (Menore 2012) emphasizes the idea of providing mechanisms to protect information infrastructure against DoS threats and to implement the mechanisms required to support the recovery of service after a failure.

The research described in Nagara et al. (2017) specifies a portable DoS testing tool that is based on a software for IoT devices. This DoS test must be carried out at the design and development stage of the product. The tool consists of an attacking entity and a monitor. The attacker carries out a DoS attack on the target device (that is, the IoT object) and transmits information on the traffic to the monitor. In this context, the “Mirai” attack was used and targeted the devices using Linux to transform them into “bots” that could be remotely controlled and used for a large-scale network attack. The tool effectively verifies whether the IoT devices are resistant or vulnerable to DoS-type attacks.