University of Twente Student Theses


Enabling Cyber Threat Intelligence Sharing for Resource Constrained IoT

Karlsson, August (2023) Enabling Cyber Threat Intelligence Sharing for Resource Constrained IoT.

[img] PDF
Abstract:Cyber threat intelligence (CTI) aims to improve the state of cyber security by sharing informing about attacks, actors and threats. The internet of things (IoT) however, has largely been missing in this. In this work, tinySTIX, a compressed data format, has been created which can be shared over CoAP with OSCORE using observable resources, as alternatives to the CTI standards STIX and TAXII. Two implementations for this have been created and evaluated. It was shown that tinySTIX reduces the message size by 35% on average and CoAP with OSCORE reduces both the number of packets and size of a session by 85% compared to the reference OpenTAXII implementation. Furthermore it was validated that tinySTIX messages could be sent from a resource constrained IoT device, although OSCORE could not be combined with observable resources as intended. It was shown that sending a typical message would increase the energy consumption by 5% over the baseline consumption for a duration of 640-2560 milliseconds. The proposed models and implementations are significantly lighter than their counterparts and can be considered feasible for CTI sharing for resource constrained IoT.
Item Type:Essay (Master)
RISE, Research Institutes of Sweden, Stockholm, Sweden
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science MSc (60300)
Link to this item:
Export this item as:BibTeX
HTML Citation
Reference Manager


Repository Staff Only: item control page