Validation of Cybersecurity Framework for Threat Mitigation

Abstract

Currently on the Internet there are many threats that threaten the security of the information of users who daily access this network using different devices that connect from their homes or organizations that in many cases do not have security controls enough and end up exposing themselves to all those threats that grow over time. That is why this article aims to propose the validation of a cybersecurity framework that allows mitigating and reducing risks to increase security levels through the implementation of controls for homes and organizations using emerging technologies such as: IoT, Blockchain and Deep Learning. The foregoing was carried out with the methodological approach of action research starting from the improvement of the process in search of transformation, thus obtaining as results the integration of the aforementioned methodologies for the detection of possible malicious hosts within an internal network through an intelligent analysis of the traffic that passes through the same network in order to intelligently generate rules in intrusion detection systems (IDS) in an automated way and that these rules can in turn be distributed through a secure channel using the Blockchain technology, to finally guarantee the integrity of said rules and that also allows maintaining the immutability and synchronization of the same information with all the devices connected to the framework.

Keywords

Threats, Bloackchain, Cybersecurity, Framework, Risks, Validation

Author Biography

Yeison-Isaac Llanten-Lucio

Roles: Investigation, Methodology, Writing-review and editing.

Siler Amador-Donado

Roles: Investigation, Methodology, Writing-review and editing.

Katerine Marceles-Villalba

Roles: Investigation, Methodology, Writing-review and editing.

References

• D. Corral Henández, "5G, una carrera por la hegemonía y el futuro con muchos beneficios," Documento Marco del Instituto Español de estudios estratégicos, pp. 734–759, 2020.
• J. M. Aguilar Antonio, "La brecha de ciberseguridad en América Latina frente al contexto global de ciberamenazas," Revista de Estudios en Seguridad Internacional, vol. 6, no. 2, pp. 17–43, 2020. https://doi.org/10.18847/1.12.2 DOI: https://doi.org/10.18847/1.12.2
• S. Amador Donado, Y. I. Llante Lucio, K. Márceles Villlalba, "Arquitectura de un Framework de ciberseguridad inteligente basado en tecnología Blockchain para IoT," Revista Ingeniería y Competitividad, vol. 24, no. 2, pp. 1–13, 2022. https://doi.org/10.25100/iyc.v24i2.11761 DOI: https://doi.org/10.25100/iyc.v0i00.11761
• J. Pérez Sifre, "IDS de red para la detección de ataques sobre SSH y FTP," Masther Thesis, Universidad de Alicante, Spain, 2020.
• A. Valencia, P. Portilla, "Internet Industrial de las Cosas (IIOT): Nueva Forma de Fabricación Inteligente," Grade Thesis, Fundación Universitaria de Popayán, Colombia, 2019.
• N. Duminil, AWS Lambda - Développez des micro-services en Java sur la plateforme serverless d’Amazon, 2016. https://static.fnac-static.com/multimedia/editorial/pdf/9782409028359.pdf
• Hyperledger, Hyperledger Fabric, 2022. https://www.hyperledger.org/wp-content/uploads/2020/03/hyperledger_fabric_whitepaper.pdf
• J. P. Buddha, R. Beesetty, The Definitive Guide to AWS Application Integration, Berkeley, CA: Apress, 2019. https://doi.org/10.1007/978-1-4842-5401-1 DOI: https://doi.org/10.1007/978-1-4842-5401-1
• K. Raj Neupane, "Serverless full-stack web application development guidelines with AWS Amplify framework," Grade Thesis, Haaga-Helia University of Applied Sciences, Finlande, 2022.
• H. Tian, X. Ge, J. Wang, C. Li, H. Pan, "Research on distributed blockchain-based privacy-preserving and data security framework in IoT," IET Communications, vol. 14, no. 13, pp. 2038–2047, 2020. https://doi.org/10.1049/iet-com.2019.0485 DOI: https://doi.org/10.1049/iet-com.2019.0485
• C. Liang et al., "Intrusion Detection System for the Internet of Things Based on Blockchain and Multi-Agent Systems," Electronics, vol. 9, no. 7, e1120, 2020. https://doi.org/10.3390/electronics9071120 DOI: https://doi.org/10.3390/electronics9071120
• M. Shafiq, Z. Tian, Y. Sun, X. Du, M. Guizani, “Selection of effective Machine Learning algorithm and Bot-IoT attacks traffic identification for internet of things in smart city,” Future Generation Computer Systems, vol. 107, pp. 433-442, 2020. DOI: https://doi.org/10.1016/j.future.2020.02.017
• M. A. Cheema, H. K. Qureshi, C. Chrysostomou, M. Lestas, “Utilizing Blockchain for Distributed Machine Learning based Intrusion Detection in Internet of Things,” in 16th International Conference on Distributed Computing in Sensor Systems, 2020. DOI: https://doi.org/10.1109/DCOSS49796.2020.00074
• H. Sodhro, S. Pirbhulal, M. Muzammal, L. Zongwei, “Towards Blockchain-Enabled Security Technique for Industrial Internet of Things Based Decentralized Applications,” Journal of Grid Computing, vol. 18, pp. 615-628, 2020. DOI: https://doi.org/10.1007/s10723-020-09527-x
• Y. L. Lucio, K. M. Villalba, S. A. Donado, "Adaptive Blockchain Technology for a Cybersecurity Framework in IIoT," IEEE Revista Iberoamericana de Tecnologias del Aprendizaje, e1, 2022. https://doi.org/10.1109/rita.2022.3166857 DOI: https://doi.org/10.1109/RITA.2022.3166857
• J. P. Lazarte Mendez, "Contendores Docker como estrategia de virtualización," Grade Thesis, Universidad Mayor de San Simón, Bolivia, 2019.
• J. Bautista Rosell, "Ataques DDoS con IoT, Análisis y Prevención de Riesgos," Grade Thesis, Universidad Carlos III de Madrid, Spain, 2019.
• M. A. Yandún Velasteguí, J. V. Hidalgo Guijarro, "Ejemplos prácticos en el laboratorio de cyberseguridad – UPEC,", SATHIRI, vol. 15, no. 2, pp. 273–289, 2020. https://doi.org/10.32645/13906925.1002 DOI: https://doi.org/10.32645/13906925.1002
• Y. Liu, X. Ma, J. Bailey, F. Lu, "Reflection Backdoor: A Natural Backdoor Attack on Deep Neural Networks," Lecture Notes in Computer Science, vol. 12355, pp. 182–199. https://doi.org/10.1007/978-3-030-58607-2_11 DOI: https://doi.org/10.1007/978-3-030-58607-2_11