ABBA-IoT

Artificial Behavior Based Authentication for the Internet of Things


ABBA-IoT

ABBA-IoT stands for Artificial Behaviour Based Authentication for IoT. It is a data tampering and spoofing detection system that monitors a network of devices to detect anomalies in real-time.

What is it?

Strictly speaking it is an intrusion detection system that enables a central controler to monitor data from a network of devices for signs of intrusion by an attacker. This technique is based off of a weak form of authentication of the data transmitted by networked devices using pulses/heartbeats distributed pseudo-randomly over time. The pulse sequence is akin to a behaviour for any specific device, hence the name of the technique.

Origins

The development of ABBA was started by Dr. Raoul F. Guiazon with the support of the Royal Academy of Engineering and the Office of the Chief Science Adviser for National Security under the UK Intelligence Community Postdoctoral Fellowship Programme. The aim of this project is to improve the security of sensor networks - which are often at the foundation of many critical infrastructure - by increasing the probability of detection of malicious activities within the network. This project was selected amongst 28 other promising projects for commercial development through CyberASAP (Cyber security Academic Start-up Accelerator Programme). CyberASAP is funded by the UK Government’s Department for Digital, Culture, Media and Sport (DCMS) in partnership with Innovate UK and KTN.

Foundation

The algorithm implemented here is based on the article “ABBA: A quasi-deterministic Intrusion Detection System for the Internet of Things”. That article defines the conceptual structure and framework of the technique ABBA and provides mathematical proofs with respect to the probability of detection of an intruder given the types of primitives used in any practical implementation. Any such implementation like the one presented in our repository will come with different security garantees due to the primitives and parameters chosen.

Implementation

The code presented here is developed using Node-red a low-code programming tool for event-driven applications and based on Node.js. This was chosen for the ease of use and the flexibility it allows in quickly building and testing prototypes with easily available sensors.

Demo

Click on this youtube link to watch a video demonstration of the technology ABBA-IoT adapted and applied to a CAN network for a usecase in automotive.

Warning

The code available is at a very early stage of development an should only be used for testing and research purposes.

Open development

Please feel free to contribute to this project, the list of issues to address will be available shortly along with the long term vision for this project.