New Attacks on Cloud Container-Based IoT Systems in 5G-Advanced and Beyond

The Internet of Things (IoT) devices generate a large amount of data that get processed in the cloud. Typically, different IoT devices will be allocated to the same Fifth Generation (5G) mobile network slice, on which the IoT services will be using different containers. While cloud containers can of...

Full description

Saved in:
Bibliographic Details
Main Authors: Pimpalkar, Yogita, Ravindran, Sharvari, Bapat, Jyotsna, Das, Debabrata
Format: Conference Proceeding
Language:English
Subjects:
5G mobile communication
Batteries
Cloud computing
Cloud Container-Based Energy Depletion Attacks (CC-EDA)
Cloud Container-Based Synergistic Power attacks (CC-SPA)
Containers
Dockers
Information leakage
Internet of Things (IoT)
Network slicing
Systematics
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The Internet of Things (IoT) devices generate a large amount of data that get processed in the cloud. Typically, different IoT devices will be allocated to the same Fifth Generation (5G) mobile network slice, on which the IoT services will be using different containers. While cloud containers can offer many benefits, they also introduce new security risks from co-resident containers that can be particularly problematic for IoT devices. The need for long-lasting batteries is essential for the success of wireless-connected IoT devices, particularly in applications where regular battery replacement is impractical or impossible. Energy Depletion Attacks (EDA) can drastically reduce the lifespan of IoT sensor device batteries, whereas Synergistic Power Attacks (SPA) can cause power outages in data centers and disrupt critical services. Although EDA and SPA have been studied in the literature, the IoT cloud information leakages with the advent of network slicing concepts in 5G and 6G leading to these attacks have not been addressed yet. This paper presents comprehensive studies of 5G-Advanced IoT cloud framework and related attacks. It reveals novel systematic methods through which powerful stealth Cloud Container-Based EDA (CC-EDA) and Cloud Container-Based SPA (CC-SPA) can be launched. These attacks are difficult to detect as the attacker impersonates a valid IoT management system and manipulates the system's behavior. With a quantitative assessment of the performance of a battery under attack, this paper additionally shows that an aggressive CC-EDA will be deeply damaging and can bring down the entire IoT network within a day. Possible mitigation strategies to address the security concerns associated with IoT cloud-based attacks are proposed.
ISSN:2766-2101
DOI:10.1109/CONECCT57959.2023.10234780