9

I just read about the OpenIoT project. There are some points I want to be clear about.

I want to perform SYN-flood attack detection in wireless sensor nodes. A transmitter module is made from an Arduino board, a sensor and an RF transmitter. On the receiving end, I am using a Raspberry Pi where the log analysis is performed. I wonder if this whole system can be simulated in OpenIoT?

The OpenIoT description says that it collects and processes data from virtually any sensor (node) in the world. So is it possible to integrate my sensor nodes (or get data from a sensor node already available), simulate an attack and do log analysis for attack detection? Here, can I introduce a plugin for attack detection in OpenIoT (it sounds very big though!)? Or is there any other way to detect security attacks once I have the logs in hand?

Also, please feel free to share more knowledge on OpenIoT as I am in the learning phase.

Helmar
user3639
    One question per question please. What is the one well described problem you want help in? – mico Aug 03 '17 at 16:36

2 Answers

3
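    iptables -I INPUT 1 -p tcp --syn -m limit --limit 1/s --limit-burst 3 -j ACCEPT   # SYNs within the limit pass
    iptables -I INPUT 2 -p tcp --syn -j DROP   # SYNs over the limit fall through to here and are dropped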

If your device supports the Ethernet stack, and therefore iptables, then you can use a rule like the above to handle flooding. The limit of 1/s is probably far too low to be useful; adjust on an as-needed basis.

cybernard
3
  1. OpenIoT is not a simulation environment, so no to the simulation questions.
  2. Sure you can add your sensor nodes to OpenIoT, but then you'd bypass the ability to detect IP level activity. All OpenIoT would see is your sensor data.
  3. You could offload the Raspberry Pi log processing to the OpenIoT cloud if you send all the logs to OpenIoT. I can't see how this would make things better for you.
Heath Raftery
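Added example (not part of the original answers): one way to do the log analysis on the Raspberry Pi that the question asks about, counting logged TCP SYNs per source address in a sliding window. It assumes the Pi logs incoming SYNs with an iptables LOG rule whose prefix is "SYN-IN: "; the prefix, threshold, window and sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Fields of a kernel line written by an iptables LOG rule. The "SYN-IN: "
# prefix is an assumption (set with --log-prefix), not something from the page.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) .*SYN-IN: .*?SRC=(?P<src>\S+) "
    r".*?PROTO=TCP .*\bSYN\b"
)

def detect_syn_flood(lines, threshold=10, window_s=5):
    """Return {src: peak SYN count} for sources that reach `threshold`
    SYNs inside any sliding window of `window_s` seconds."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)    # src -> timestamps still inside the window
    peaks = {}
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue               # not a logged TCP SYN, or malformed: skip
        ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S")
        q = recent[m["src"]]
        q.append(ts)
        while ts - q[0] > window:  # drop entries older than the window
            q.popleft()
        if len(q) >= threshold:
            peaks[m["src"]] = max(peaks.get(m["src"], 0), len(q))
    return peaks

def make_line(ts, src, spt):
    """Build one constructed log line in the iptables LOG format."""
    return (f"{ts:%b %d %H:%M:%S} raspberrypi kernel: SYN-IN: IN=eth0 OUT= "
            f"SRC={src} DST=192.0.2.1 LEN=60 TTL=64 PROTO=TCP SPT={spt} "
            f"DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0")

# Constructed sample: one host opens 3 connections over a minute, another
# sends 40 SYNs in 4 seconds (documentation addresses from RFC 5737).
T0 = datetime(2017, 8, 3, 16, 36, 0)
SAMPLE = [make_line(T0 + timedelta(seconds=20 * i), "192.0.2.10", 40000 + i) for i in range(3)]
SAMPLE += [make_line(T0 + timedelta(seconds=i / 10), "198.51.100.7", 50000 + i) for i in range(40)]

if __name__ == "__main__":
    for src, peak in detect_syn_flood(SAMPLE).items():
        print(f"possible SYN flood from {src}: {peak} SYNs within 5 s")
```

A flood with spoofed source addresses spreads across many keys, so a per-source counter like this should be paired with a total SYN rate check.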