Skip to Main content Skip to Navigation
Theses

Détection d'intrusion dans des environnements connectés sans-fil par l'analyse des activités radio

Jonathan Roux 1
1 LAAS-TSF - Équipe Tolérance aux fautes et Sûreté de Fonctionnement informatique
LAAS - Laboratoire d'analyse et d'architecture des systèmes
Abstract : The massive deployment of connected objects, forming the Internet of Things (IoT), is now disrupting traditional network environments. These objects, previously connectivity-free, are now likely to introduce additional vulnerabilities into the environments that integrate them. The literature today paints an unflattering picture of the security of these objects, which are increasingly becoming prime targets for attackers who see them as new exploitable surfaces to penetrate previously secure environments. In addition, the wireless means of communication used by these objects are numerous, with very heterogeneous characteristics at all protocol levels. Particularly in terms of the frequencies used, which make it difficult to analyse and monitor the environments that are equipped with them. These issues, and in particular the strong heterogeneity of these numerous protocols, call into question the traditional solutions used to ensure the security of the exchanges carried out. However, the explosion in the number of these objects requires security architectures that are adapted to these new issues. In this thesis, we are interested in monitoring and detecting anomalies that may occur in any wireless means of communication used in the IoT. We found a critical lack of solutions with the ability to analyze all exchanges, regardless of the protocol used. To answer this question, we propose a new security architecture based on the monitoring of physical radio signals, making it possible to free oneself from protocol knowledge and therefore to be generic. Its objective is to learn the model of legitimate radio behaviour in an environment using radio probes, then to identify deviations from this model, which may correspond to anomalies or attacks. The description of this architecture is the first contribution of this thesis. We then studied the applicability of our solution in different contexts, each with its own characteristics. The first study, corresponding to our second contribution, consists in proposing an implementation and deployment of our approach in connected homes. The evaluation of the latter in the face of real attacks injected into radio space and its results show the relevance of our approach in these environments. Finally, the last contribution studies the adaptation and deployment of our generic solution to professional environments where the presence of expert users promotes the integration of advanced diagnostic information to identify the origins of an anomaly. The subsequent evaluation and the results associated with each of the diagnostic mechanisms implemented demonstrate the value of our approach in heterogeneous environments.
Document type :
Theses
Complete list of metadatas

Cited literature [88 references]  Display  Hide  Download

https://hal.laas.fr/tel-02880658
Contributor : Abes Star :  Contact
Submitted on : Thursday, October 22, 2020 - 11:06:27 AM
Last modification on : Saturday, October 24, 2020 - 3:32:42 AM

File

2020TOU30011a.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-02880658, version 2

Citation

Jonathan Roux. Détection d'intrusion dans des environnements connectés sans-fil par l'analyse des activités radio. Informatique mobile. Université Paul Sabatier - Toulouse III, 2020. Français. ⟨NNT : 2020TOU30011⟩. ⟨tel-02880658v2⟩

Share

Metrics

Record views

70

Files downloads

56