By Terry Wilson
The Global Cyber Alliance recently launched the Automated IoT Defence Ecosystem (AIDE), a cybersecurity development platform for Internet of Things (IoT) products. It is an effort to test the security of IoT devices and enable small businesses, manufacturers, service providers, and individuals to identify vulnerabilities, mitigate risks, and secure IoT devices against the new threats to an increasingly interconnected environment. AIDE harvests data from the IoT devices and turns it into threat intelligence data which is then made globally available.
The AIDE platform offers capabilities for data collection, analysis, and automated defense on a scale not previously attained. This is possible by bringing existing honeyfarms located around the world together, by aggregating the data from them with data from a network of custom-made ProxyPot platforms, and by combining all that information into an analysis platform that is available to companies, academia, nonprofits, and other entities, basically, to any stakeholder interested in studying the signatures and patterns of IoT attacks.
GCA’s vision is to better protect the public and mitigate global threats by identifying risks and vulnerabilities to IoT devices.
In order to gain a realistic understanding of the attack surface, we are inquiring about the types of IoT devices used in your organization or enterprise setting.
Understanding what types of devices are most-widely deployed among its partners will help GCA anticipate what security concerns can give rise to successful attacks on IoT systems and devices.
The information provided to GCA will be used to inform our ongoing work of creating virtual IoT devices that will be located on simulated networks to study IoT attack signatures and patterns.
Currently, the AIDE project has four components:
• Analysis: AIDE aggregates attack data into an analysis platform that is available to companies, academia, nonprofits, and other. The analysis platform will be used to generate data feeds available to GCA partners and the security community.
• Distribution: Data feeds are made available throughout the cybersecurity ecosystem to enable prompt mitigation of any detected IoT attacks.
• Display: AIDE offers a real-time visualization of high-level results at the platform’s site.
• Distributed Defense: Although the output from the AIDE platform was designed to allow for automated defense, it is flexible enough to be used in many different contexts and applications.
If you’d like to help us or get more information about AIDE, please contact us at firstname.lastname@example.org.
The author, Terry Wilson, is the Global Partnership Officer at the Global Cyber Alliance. You can connect with him on LinkedIn.