Recent advancements in technology have enabled the interconnection of appliances and devices in homes, offices, and factories through the Internet of Things (IoT), streamlining processes, improving jobs, and enhancing our quality of life.
The Internet of Things refers to everyday devices connected to the Internet, allowing them to communicate, share data, and improve processes. For example, a car can connect to your house, which interacts with various devices both inside and outside the home.
Connecting everyday items on such a large scale can pose serious risks, particularly when processing sensitive or personal data.
Making IoT Networks Safer
A group of experts, led by researchers from the Universitat Oberta de Catalunya (UOC) and the Institut Polytechnique de Paris (IP Paris), has created a system to ensure that data from IoT networks is safe, accurate, and trustworthy.
This system is especially helpful in areas where connected devices have limited computing power and storage.
Lead author, Omair Faraj, a PhD student in the Network and Information Technologies program at both the UOC and Télécom SudParis of IP Paris, said:
“We’ve developed a zero-watermarking system, which does not modify the original data but can incorporate information about its source, ensuring tamper-proof transmission over the network.”
This innovative method is called ZIRCON, which stands for Zero-Watermarking-Based Data Provenance for IoT Networks. Its designers created it to guarantee data integrity and ensure that the origin of the data can be verified and trusted in IoT networks.
Faraj said:
“ZIRCON uses a zero-watermarking technique without amendment to the data itself, in which a unique watermark is generated from the metadata – similar to the IP address of a device – but without embedding this watermark directly in the original data.”
This way, the system stores the watermark in a separate network database, which cannot be tampered with and is protected from outside interference.
Faraj, together with Professor Joaquín García Alfaro, full professor and researcher at Télécom SudParis, and Professor David Megías, KISON lead researcher and director of the Internet Interdisciplinary Institute (IN3), wrote about their research in the peer-reviewed journal Journal of Information Security and Applications (citation below).
Challenges and Risks in IoT Security
Systems that are based on the IoT face challenges different from those of other digital environments due to their unique characteristics. IoT devices often use less bandwidth, have shorter battery life, and limited processing power.
As the IoT continues to grow and expand, it brings significant risks. Managing data is particularly challenging because its dynamic and highly interconnected nature makes it more vulnerable, particularly at the points where devices connect.
Since most IoT devices have limited computational power, it is difficult to implement advanced security and encryption techniques, increasing the chances of data being intercepted, altered, or falsified.
November 30th was International Computer Security Day. It served as a reminder to raise awareness about the importance of secure, reliable, and verified computing systems. It highlighted the potential consequences of cybersecurity risks, which can impact vital sectors such as electricity networks, traffic systems, and infrastructure.
ZIRCON System
The ZIRCON system, which works well in devices with limited computing power, is ideal for solving these types of conflicts. The system is not power-hungry; it has low energy requirements.
We can use the ZIRCON system in a wide range of digital environments, transforming them into secure and reliable networks at every stage of interconnection.
“It’s an ideal solution for IoT devices with limited resources,” Faraj added.
The researchers also noted that this system is highly resistant to both passive and active attacks, including data manipulation, packet replay, and provenance forgery.
Faraj said:
“Our results indicate that ZIRCON is superior to traditional methods, especially because of its lightweight processing, efficient use of bandwidth, and reduced energy consumption.”
Secure transmission
One key aspect of ZIRCON is its ability to confirm the accuracy of data at every step within an IoT network. This capability ensures secure, end-to-end data transmission and addresses issues related to data integrity in applications running on connected devices.
According to the researchers, ZIRCON is highly resistant to attacks, lightweight in design, and optimized for efficient data storage, energy use, and bandwidth usage, outperforming earlier methods.
The design of this innovative system creates new possibilities for enhancing network security.
“Future projects will be able to explore the integration of ZIRCON with other cryptographic methods and its application in emerging environments,” Faraj concluded.
The research received support from the ARTEMISA International Cybersecurity Chair, the DANGER Strategic Cybersecurity Project (backed by the Spanish National Cybersecurity Institute), Spain’s Ministry of Science, Innovation and Universities, and the Cyber CNI Chair at the Institut Mines-Télécom in France. It also received funding through the NextGenerationEU scheme and the Recovery, Transformation and Resilience Plan.
This UOC research contributes to UN Sustainable Development Goal (SDG) 9: Industry, Innovation and Infrastructure.
Citation
Omair Faraj, David Megías, Joaquin Garcia-Alfaro, ZIRCON: Zero-watermarking-based approach for data integrity and secure provenance in IoT networks, Journal of Information Security and Applications, Volume 85, 2024, 103840, ISSN 2214-2126
https://doi.org/10.1016/j.jisa.2024.103840