In 2019, we aim to build a more secure and power-saving software system by extending the domain-specific modeling language, code generator, and execution environment that we have been developing so far. In addition, in order to detect and deal with attacks in the IoT execution environment, we will proceed with research on attack detection methods and threat tracing.

WP1 | Implementation report

Expansion of framework

We extended the domain-specific modeling language defined so far so that end users can easily specify security and privacy requirements, and we defined and built a development environment for writing in that language. Specifically, end-user requirements such as the scope of distribution of data collected by IoT devices, the presence or absence of anonymization and encryption, and the available power can be described. By combining this with the code auto-generator described in the next section, it is possible to verify in advance whether the application to be executed meets the end user's requirements.

Secure and power-saving execution environment and expansion of automatic code generation

We developed a code auto-generator that takes the end-user requirements written in the above domain-specific modeling language as input and outputs Lustre code for automatic verification, in order to verify whether a downloaded IoT application meets the user's requirements. This makes it possible to pre-verify applications based on the extended domain-specific modeling language. Furthermore, by incorporating a power model of the target device into the generated Lustre code, it is possible to perform pre-verification that takes power into account. Specifically, it is possible to describe the restriction that the application cannot be executed when the power of the devices used by running the application exceeds the user's requirement. This does not simply add up the maximum power of the devices to be used; execution is disallowed only when the maximum power is exceeded by a combination of devices that can actually occur while the application runs.
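The difference between adding up device maxima and checking only the combinations that can actually occur is shown below. This is an added illustration, not the project's generator or its generated verification code: it uses explicit state enumeration in Python as a stand-in, and the device names, power values, states and function names are all constructed assumptions.

```python
from collections import deque

# Constructed sample model (assumption): peak draw per device, in mW.
DEVICE_POWER_MW = {"sensor": 40, "radio": 120, "led": 30}

# Constructed application model: devices active in each state.
STATE_DEVICES = {
    "idle": set(),
    "sample": {"sensor"},
    "blink": {"sensor", "led"},
    "send": {"radio"},
    "calibrate": {"sensor", "radio", "led"},  # defined, but nothing leads here
}
TRANSITIONS = {
    "idle": ["sample"],
    "sample": ["blink", "send"],
    "blink": ["send"],
    "send": ["idle"],
    "calibrate": ["idle"],
}

def naive_sum(device_power=DEVICE_POWER_MW):
    """Upper bound that assumes every device runs at once."""
    return sum(device_power.values())

def reachable_states(transitions=TRANSITIONS, start="idle"):
    """Breadth-first search over the application's state graph."""
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in transitions.get(queue.popleft(), []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def worst_reachable_power(start="idle"):
    """Highest combined draw over states the application can really enter."""
    worst_state, worst = start, 0
    for state in sorted(reachable_states(TRANSITIONS, start)):
        draw = sum(DEVICE_POWER_MW[d] for d in STATE_DEVICES[state])
        if draw > worst:
            worst_state, worst = state, draw
    return worst_state, worst

def may_execute(budget_mw, start="idle"):
    """Pre-verification verdict: allow only if no reachable state exceeds the budget."""
    return worst_reachable_power(start)[1] <= budget_mw

if __name__ == "__main__":
    print("naive sum:", naive_sum(), "worst reachable:", worst_reachable_power())
    print("budget 150 mW allowed:", may_execute(150))
```

With a 150 mW user budget, the naive sum would reject this application, while the reachable-state check accepts it because the state that uses all three devices can never be entered.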

Attack detection and threat tracing

We conducted research on attack detection and threat tracing for network applications.

Proposal of a honeypot to be incorporated into the framework

By incorporating the attack detection function into the web application framework, information such as the status of the web application becomes available for detection. We proposed and implemented a method that uses this to improve attack detection performance compared with a WAF (Web Application Firewall), and confirmed its performance.

Proposal of attack detection method in Hoppin

Also, since a single attack detection method is often uncertain on its own, we discussed how to combine multiple attack detection methods to improve the accuracy of attack detection and, further, to guide attacks to the honeypot.

We proposed Hoppin, an attack detection and defense system that has a honeypot function and protects against attacks while at the same time collecting them.

MTD implementation and effectiveness

Furthermore, we proposed an implementation method for MTD (Moving Target Defense) to prevent attacks on network applications after an attack is detected, and considered the effectiveness of this defense method.