UM-Labs are R&D
UM-Labs R&D has been set up to design and look to create a better way of protecting against real-time communication cybercrime, all parties in the group have significant experience of developing robust solutions for a 21st century set of problems.
Thanks to the Internet, we live in a connected world, connectivity now extends beyond the set of applications of web, email to include internet transit via Instant Messaging (IM), Voice over IP (VoIP) and video calling. So much now of our everyday life relies on interconnects in Real-Time and new levels of usage which means 24 hour usage and a large multi-level attack surface for criminals and hostile nations, means a fertile research area to improve the way technology deals with and continues to evolve, such as AI, but as is often the case with new technologies such as IoT security, this has not received the attention it deserves.
The weakness of IP fragmentation
As the capabilities of a single internet host compare to the capabilities of multiple IoT hosts, Internet hosts can mount attacks against all RTC and all IoT devices that are similarly effective to today’s distributed Denial of Service attacks. DoS protection mechanisms built into standard IP security protocols do not mitigate this type of attack, as they often assume that individual hosts are equally powerful.
IP packet fragmentation enables malicious Internet hosts to fill up the limited buffer space of IoT hosts with invalid IP fragments by sending merely a few large packets. This is due to the fact that IP security protocols commonly calculate integrity checksums and signatures over whole packets instead of over intermediate fragments. Hence, the validity of fragmented packets cannot be verified before packet re-assembly.
The solution UM-Labs provide
The cooperative routing topology of RTC/IoT networks in combination with the higher bandwidth available to Internet host allows to not only target single IoT devices, but whole IoT networks with DoS attacks. As today’s IP security protocols focus on end-to-end mechanisms, they do not defend against this type of attack that would need to stop at the IoT ingress point.
The above issues show that IP security solutions do not cater immediately to a secure interconnection of IoT networks and the Internet. The research has taken us forward already to present a layer in any cloud for which IPV4 and IPV6 can be considered inter-operational allowing for an adaptation layer-based approach to enabling security bootstrapping between the IoT domain and the Internet with existing IP security protocols.