{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,12]],"date-time":"2025-03-12T04:17:56Z","timestamp":1741753076464,"version":"3.38.0"},"reference-count":74,"publisher":"SAGE Publications","issue":"5","license":[{"start":{"date-parts":[[2021,8,11]],"date-time":"2021-08-11T00:00:00Z","timestamp":1628640000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/journals.sagepub.com\/page\/policies\/text-and-data-mining-license"}],"content-domain":{"domain":["journals.sagepub.com"],"crossmark-restriction":true},"short-container-title":["Journal of Computer Security"],"published-print":{"date-parts":[[2022,10,5]]},"abstract":"<jats:p> The Internet of Things (IoT) is evolving our society; however, the growing adoption of IoT devices in many scenarios brings security and privacy implications. Current security solutions are either unsuitable for every IoT scenario or provide only partial security. This paper presents AntibIoTic 2.0, a distributed security system that relies on Fog computing to secure IoT devices, including legacy ones. The system is composed of a backbone, made of core Fog nodes and Cloud server, a Fog node acting at the edge as the gateway of the IoT network, and a lightweight agent running on each IoT device. The proposed system offers fine-grained, host-level security coupled with network-level protection, while its distributed nature makes it scalable, versatile, lightweight, and easy to deploy, also for legacy IoT deployments. AntibIoTic 2.0 can also publish anonymized and aggregated data and statistics on the deployments it secures, to increase awareness and push cooperations in the area of IoT security. This manuscript recaps and largely expands previous works on AntibIoTic, providing an enhanced design of the system, an extended proof-of-concept that proves its feasibility and shows its operation, and an experimental evaluation that reports the low computational overhead it causes. <\/jats:p>","DOI":"10.3233\/jcs-210027","type":"journal-article","created":{"date-parts":[[2021,8,13]],"date-time":"2021-08-13T17:52:50Z","timestamp":1628877170000},"page":"689-725","update-policy":"https:\/\/doi.org\/10.1177\/sage-journals-update-policy","source":"Crossref","is-referenced-by-count":1,"title":["<tt>AntibIoTic<\/tt>: The Fog-enhanced distributed security system to protect the (legacy) Internet of Things"],"prefix":"10.1177","volume":"30","author":[{"given":"Michele","family":"De Donno","sequence":"first","affiliation":[{"name":"DTU Compute, Technical University of Denmark, Denmark. E-mails:\u00a0,\u00a0,\u00a0"}]},{"given":"Xenofon","family":"Fafoutis","sequence":"additional","affiliation":[{"name":"DTU Compute, Technical University of Denmark, Denmark. E-mails:\u00a0,\u00a0,\u00a0"}]},{"given":"Nicola","family":"Dragoni","sequence":"additional","affiliation":[{"name":"DTU Compute, Technical University of Denmark, Denmark. E-mails:\u00a0,\u00a0,\u00a0"}]}],"member":"179","published-online":{"date-parts":[[2021,8,11]]},"reference":[{"key":"ref001","doi-asserted-by":"publisher","DOI":"10.1145\/2897937.2905020"},{"key":"ref002","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2020.2988293"},{"key":"ref003","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2019.2914390"},{"key":"ref004","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2020.102537"},{"key":"ref005","doi-asserted-by":"publisher","DOI":"10.1109\/CCNC.2018.8319238"},{"key":"ref006","doi-asserted-by":"crossref","unstructured":"K.\u00a0Alieyan, A.\u00a0Almomani, R.\u00a0Abdullah, B.\u00a0Almutairi and M.\u00a0Alauthman, Botnet and Internet of Things (IoTs): A definition, taxonomy, challenges, and future directions, in: Security, Privacy, and Forensics Issues in Big Data, IGI Global, 2020, pp.\u00a0304\u2013316.","DOI":"10.4018\/978-1-5225-9742-1.ch013"},{"key":"ref007","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2020.2983655"},{"key":"ref008","doi-asserted-by":"publisher","DOI":"10.1109\/ICCPS48487.2020.00036"},{"key":"ref009","doi-asserted-by":"publisher","DOI":"10.1109\/WCCAIS.2014.6916651"},{"key":"ref010","doi-asserted-by":"publisher","DOI":"10.1016\/j.ymssp.2019.106436"},{"issue":"7","key":"ref011","first-page":"97","volume":"22","author":"Ashton K.","year":"2009","journal-title":"RFID journal"},{"key":"ref012","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101759"},{"key":"ref013","unstructured":"I.S.\u00a0Association, 1934\u20132018-IEEE Standard for Adoption of OpenFog Reference Architecture for Fog Computing, 2018, https:\/\/ieeexplore.ieee.org\/document\/8423800."},{"key":"ref014","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2010.05.010"},{"key":"ref015","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2014.103"},{"key":"ref016","doi-asserted-by":"publisher","DOI":"10.1145\/2342509.2342513"},{"key":"ref017","doi-asserted-by":"crossref","unstructured":"C.\u00a0Bormann, M.\u00a0Ersue and A.\u00a0Keranen, Terminology for Constrained-Node Networks, Internet Engineering Task Force (IETF), Request for Comments: 7229 (2014), https:\/\/tools.ietf.org\/html\/rfc7228.","DOI":"10.17487\/rfc7228"},{"key":"ref018","unstructured":"C.\u00a0EU\u00a0Parliament, Directive of the European Parliament and of the Council of 12 August 2013 on Attacks Against Information Systems and Replacing Council Framework Decision 2005\/222\/JHA, Vol.\u00a0218, 2013, https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32013L0040&from=EN [Accessed on July 15th, 2020]."},{"key":"ref019","unstructured":"Cisco, Cisco Visual Networking Index: Forecast and Trends, 2017\u20132022, Technical Report, 2018, https:\/\/www.cisco.com\/c\/en\/us\/solutions\/collateral\/service-provider\/visual-networking-index-vni\/white-paper-c11-741490.pdf."},{"key":"ref020","doi-asserted-by":"publisher","DOI":"10.1145\/3266142"},{"key":"ref021","unstructured":"I.I.\u00a0Consortium, Industrial Internet of Things Volume G4: Security Framework, Technical Report, 2016, https:\/\/www.iiconsortium.org\/IISF.htm."},{"key":"ref022","unstructured":"I.I.\u00a0Consortium, The Industrial Internet of Things Volume G1: Reference Architecture, Technical Report, 2019, https:\/\/www.iiconsortium.org\/IIRA.htm."},{"key":"ref023","doi-asserted-by":"publisher","DOI":"10.1109\/TPWRS.2019.2957704"},{"key":"ref024","unstructured":"M.\u00a0De Donno, AntibIoTic 2 0 \u2013 Demo [Video], 2020, https:\/\/youtu.be\/xiIKLREo3vY."},{"key":"ref025","unstructured":"M.\u00a0De Donno, AntibIoTic [source code], 2020, https:\/\/github.com\/michele-dedonno\/AntibIoTic."},{"key":"ref026","doi-asserted-by":"crossref","unstructured":"M.\u00a0De Donno and N.\u00a0Dragoni, Combining AntibIoTic with Fog computing: Antibiotic 2.0, in: Proceeding of the 3rd International Conference on Fog and Edge Computing (ICFEC), IEEE, 2019, pp.\u00a01\u20136.","DOI":"10.1109\/CFEC.2019.8733144"},{"key":"ref027","doi-asserted-by":"crossref","unstructured":"M.\u00a0De Donno, N.\u00a0Dragoni, A.\u00a0Giaretta and M.\u00a0Mazzara, AntibIoTic: Protecting IoT devices against DDoS attacks, in: International Conference in Software Engineering for Defence Applications, Springer, 2016, pp.\u00a059\u201372.","DOI":"10.1007\/978-3-319-70578-1_7"},{"key":"ref028","doi-asserted-by":"crossref","unstructured":"M.\u00a0De Donno, N.\u00a0Dragoni, A.\u00a0Giaretta and A.\u00a0Spognardi, Analysis of DDoS-capable IoT malwares, in: Proceedings of the Federated Conference on Computer Science and Information Systems (FedCSIS), IEEE, 2017, pp.\u00a0807\u2013816.","DOI":"10.15439\/2017F288"},{"key":"ref029","doi-asserted-by":"publisher","DOI":"10.1155\/2018\/7178164"},{"key":"ref030","doi-asserted-by":"crossref","unstructured":"M.\u00a0De Donno, J.M.D.\u00a0Felipe and N.\u00a0Dragoni, ANTIBIOTIC 2.0: A fog-based anti-malware for Internet of Things, in: Proceedings of the European Symposium on Security and Privacy Workshops (EuroS&PW), IEEE, 2019, pp.\u00a011\u201320.","DOI":"10.1109\/EuroSPW.2019.00008"},{"key":"ref031","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2947652"},{"key":"ref032","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2020.107417"},{"key":"ref033","doi-asserted-by":"crossref","unstructured":"N.\u00a0Dragoni, A.\u00a0Giaretta and M.\u00a0Mazzara, The Internet of Hackable Things, in: Proceedings of the 5th International Conference in Software Engineering for Defence Applications, P.\u00a0Ciancarini, S.\u00a0Litvinov, A.\u00a0Messina, A.\u00a0Sillitti and G.\u00a0Succi, eds, Springer, 2017, pp.\u00a0129\u2013140. ISBN 978-3-319-70578-1.","DOI":"10.1007\/978-3-319-70578-1_13"},{"key":"ref034","unstructured":"E.T.C.C.S.\u00a0(CYBER), Cyber Security for Consumer Internet of Things: Baseline Requirements, Technical Report, 2020, shorturl.at\/fvGK4."},{"key":"ref035","doi-asserted-by":"publisher","DOI":"10.1109\/WiMOB.2019.8923222"},{"key":"ref036","doi-asserted-by":"publisher","DOI":"10.1186\/s13677-018-0123-6"},{"key":"ref037","doi-asserted-by":"publisher","DOI":"10.1109\/WF-IoT.2018.8355116"},{"key":"ref038","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-14687-0_6"},{"key":"ref039","doi-asserted-by":"publisher","DOI":"10.36909\/jer.v9i2.9823"},{"key":"ref040","doi-asserted-by":"publisher","DOI":"10.1108\/IJIUS-06-2019-0029"},{"key":"ref041","doi-asserted-by":"publisher","DOI":"10.1145\/3284554"},{"key":"ref042","doi-asserted-by":"crossref","unstructured":"A.\u00a0Giaretta, M.\u00a0De Donno and N.\u00a0Dragoni, Adding salt to pepper: A structured security assessment over a humanoid robot, in: Proceedings of the 13th International Conference on Availability, Reliability and Security, 2018, pp.\u00a01\u20138.","DOI":"10.1145\/3230833.3232807"},{"key":"ref043","doi-asserted-by":"publisher","DOI":"10.5120\/21674-4762"},{"key":"ref044","doi-asserted-by":"publisher","DOI":"10.1145\/2851613.2851685"},{"key":"ref045","unstructured":"O.C.A.W.\u00a0Group, OpenFog Reference Architecture for Fog computing, Technical Report, 2017, https:\/\/iiconsortium.org\/pdf\/OpenFog_Reference_Architecture_2_09_17.pdf."},{"key":"ref046","first-page":"34","volume":"10","author":"Hosseinpour F.","year":"2016","journal-title":"International Journal of Digital Content Technology and its Applications"},{"key":"ref047","doi-asserted-by":"crossref","unstructured":"Y.\u00a0Jin, Towards hardware-assisted security for IoT systems, in: Proceeding of the Computer Society Annual Symposium on VLSI (ISVLSI), IEEE, 2019, pp.\u00a0632\u2013637.","DOI":"10.1109\/ISVLSI.2019.00118"},{"key":"ref048","doi-asserted-by":"publisher","DOI":"10.1109\/WF-IoT.2016.7845414"},{"key":"ref049","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-30577-2_5"},{"key":"ref050","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-13632-1_7"},{"key":"ref051","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2018.2888768"},{"key":"ref052","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2018.03.012"},{"key":"ref053","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2824319"},{"key":"ref054","doi-asserted-by":"crossref","unstructured":"F.\u00a0Liu, J.\u00a0Tong, J.\u00a0Mao, R.\u00a0Bohn, J.\u00a0Messina, L.\u00a0Badger and D.\u00a0Leaf, NIST Cloud Computing Reference Architecture, Technical Report, 2011.","DOI":"10.6028\/NIST.SP.500-292"},{"key":"ref055","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2019.2935189"},{"key":"ref056","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2019.2910750"},{"key":"ref057","unstructured":"T.H.\u00a0News, Dark Nexus: A New Emerging IoT Botnet Malware Spotted in the Wild, 2020, https:\/\/thehackernews.com\/2020\/04\/darknexus-iot-ddos-botnet.html [Accessed on July 1st, 2020]."},{"key":"ref058","unstructured":"T.H.\u00a0News, Mukashi: A New Mirai IoT Botnet Variant Targeting Zyxel NAS Devices, 2020, https:\/\/thehackernews.com\/2020\/03\/zyxel-mukashi-mirai-iot-botnet.html [Accessed on July 1st, 2020]."},{"key":"ref059","doi-asserted-by":"crossref","unstructured":"Nexusguard, DDoS Threat Report 2020 Q1, Technical Report, 2020, https:\/\/blog.nexusguard.com\/threat-report\/ddos-threat-report-2020-q1.","DOI":"10.1016\/S1361-3723(20)30082-8"},{"key":"ref060","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2020.07.020"},{"key":"ref061","doi-asserted-by":"publisher","DOI":"10.1016\/j.icte.2020.04.005"},{"key":"ref062","doi-asserted-by":"publisher","DOI":"10.1109\/ICCCNT.2018.8494060"},{"key":"ref063","doi-asserted-by":"publisher","DOI":"10.1145\/3109761.3158413"},{"key":"ref064","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2018.2867613"},{"key":"ref065","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2988854"},{"key":"ref066","doi-asserted-by":"publisher","DOI":"10.1109\/ICOEI.2019.8862778"},{"key":"ref067","doi-asserted-by":"crossref","unstructured":"G.\u00a0Selander, J.\u00a0Mattsson, F.\u00a0Palombini and L.\u00a0Seitz, Object Security for Constrained RESTful Environments (OSCORE), Work in Progress (2019), https:\/\/www.hjp.at\/doc\/rfc\/rfc8613.html.","DOI":"10.17487\/RFC8613"},{"key":"ref068","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2020.2998105"},{"key":"ref069","doi-asserted-by":"publisher","DOI":"10.1109\/I-SMAC47947.2019.9032592"},{"key":"ref070","unstructured":"Statista, Internet of Things (IoT) connected devices installed base worldwide from 2015 to 2025 (in billions), 2016, https:\/\/www.statista.com\/statistics\/471264\/iot-number-of-connected-devices-worldwide\/ [Accessed on June 29th, 2020]."},{"key":"ref071","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-34957-8_10"},{"key":"ref072","unstructured":"SYSGO, PikeOS Certified Hypervisor, 2020, https:\/\/www.sysgo.com\/products\/pikeos-hyperviso [Accessed on August 14th, 2020]."},{"key":"ref073","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-44924-1_14"},{"key":"ref074","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.04.017"}],"container-title":["Journal of Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/JCS-210027","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/full-xml\/10.3233\/JCS-210027","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/JCS-210027","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,11]],"date-time":"2025-03-11T05:36:53Z","timestamp":1741671413000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/10.3233\/JCS-210027"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,8,11]]},"references-count":74,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2022,10,5]]}},"alternative-id":["10.3233\/JCS-210027"],"URL":"https:\/\/doi.org\/10.3233\/jcs-210027","relation":{},"ISSN":["0926-227X","1875-8924"],"issn-type":[{"type":"print","value":"0926-227X"},{"type":"electronic","value":"1875-8924"}],"subject":[],"published":{"date-parts":[[2021,8,11]]}}}