INCREASING THE CONFIDENTIALITY OF TRANSMITTED INTERNET OF THINGS DATA USING STEGANOGRAPHY

Published in the journal: Scientific Journal «Internauka» No. 2(272)
Journal section: 3. Information Technology
Article DOI: 10.32743/26870142.2023.2.272.351011
Bibliographic description
Akhmetova D.T., Amanzholova S.T., Duzbayev N.T. INCREASING THE CONFIDENTIALITY OF TRANSMITTED INTERNET OF THINGS DATA USING STEGANOGRAPHY // Internauka: electronic scientific journal. 2023. No. 2(272). URL: https://internauka.org/journal/science/internauka/272 (accessed: 01.05.2024). DOI:10.32743/26870142.2023.2.272.351011


Darya Akhmetova

Master's student, International Information Technology University,

Kazakhstan, Almaty

Saule Amanzholova

Ph.D., Head of the Cybersecurity Department, International Information Technology University,

Kazakhstan, Almaty

Nurzhan Duzbayev

Ph.D., Associate professor, International Information Technology University,

Kazakhstan, Almaty

 

ABSTRACT

The Internet of Things is being introduced into human life more and more every year and covers the most significant areas of activity: medicine, military affairs, smart homes, agriculture, and even smart cities. However, when connected to a network, these devices become vulnerable to interception and modification of data by intruders. One solution to this problem is steganography, a technique for hiding the fact that information is being transmitted. This article describes new devices and how they work in healthcare, such as pacemakers and various devices for diabetics. The second area considered is military activity, where various sensors are used to monitor the army, troops, and equipment, as well as enemy assets, both on land and on water. This article proposes introducing steganography at the level of routers, satellites, and built-in modules to preserve data confidentiality in these areas. This decision takes into account the fact that the aggregation of information from devices is very important for the IoT, since these sensors individually transmit huge amounts of data. The article also provides examples of how to hide GPS coordinates and electrocardiogram data using the least significant bit method. The results were checked by comparing the files containing confidential information with the container files. As a result, the embedded data remained undetectable to human hearing and vision.

 

Keywords: steganography, LSB, IoT, IoBT, OoT, pacemaker, ATAK.

 

I. Introduction

The Internet of Things is a new stage in the development of devices that allows mankind to expand the possibilities of collecting, storing, transmitting, and analyzing information, as well as managing these devices. Every year the IoT is being introduced at an incredible speed into all areas of human activity. This covers medicine, the military, agriculture, logistics, construction, security systems, and the power industry. The IoT today is not only the smart home, whose purpose is to create comfortable conditions for a person; it is a huge variety of programs, applications, devices and sensors. These range from entire urban logistics systems for traffic management and rural systems for monitoring and maintaining conditions to individual small devices designed for personal use, such as those measuring the number of steps per day and hours of sleep per night [1]-[3].

However, since this is a relatively recent branch of technology, it faces certain challenges. The main problem of the IoT is vulnerability to cyberattacks [4]. The roots of this problem lie in the fact that every day a huge number of new gadgets are connected to the network, which, in turn, may have an exposed configuration, and in the fact that devices on the network can transmit data to each other without human intervention through certain channels and protocols. With the connection of these systems to the Internet, the threats of disclosure of transmitted data, device hacking, software flashing and DDoS attacks increase [5], [6].

According to Kaspersky Lab, in 2019 there were 105 million attacks on IoT devices, carried out from 276,000 unique IP addresses [7]. In the first half of 2021, Kaspersky honeypots that mimic vulnerable IoT devices were attacked more than 1.5 billion times [8]. In healthcare, hacking such devices can expose sensitive confidential data and even compromise patient security. In the military sphere, it can reveal information about ammunition, troops and their location, and data from unmanned aerial vehicles and other military equipment. In a city, it can disrupt entire transport systems, leading to accidents and interruptions in work.

The data privacy issues described above can be addressed using a variety of steganography techniques. Steganography is one of the methods of concealing data, the main purpose of which is to hide the fact that confidential information is being transferred. Therefore, hackers who have gained access to a device, storage, or transmission channel must first discover that secret information is hidden in a particular file, and only after that can they try to disclose it. The purpose of this article is to show the possible use of steganography as one of the ways to protect information in Internet of Things devices that can store or transmit important confidential data [9].

II. Application areas of the Internet of things

The area in which the IoT is most widespread at present is healthcare. According to Markets and Markets, the global healthcare IoT market will grow to $180 billion by 2025. In 2019 the demand for remote monitoring of patient health increased due to the coronavirus pandemic [10] – [11].

A sub-field of telemedicine is biomonitoring, where most medical IoT beacons are used. Such devices, connected to the network, collect accurate data, give a broader understanding of symptoms, and help with remote monitoring and treatment [12].

Intelligent insulin pens can not only record the time, amount and type of insulin injected per dose, but can also recommend the right type of insulin injection and remind the patient of it at the specific time [13].

Automated Insulin Delivery is a CGM-based OpenAPS initiative that measures blood sugar levels and automatically delivers insulin to the patient. The big disadvantage of this system is the open source code of this development. Knowing how the supply of insulin works, attackers can use it for their own purposes [14].

The American company St. Jude Medical specializes in the manufacture of medical equipment such as pacemakers and cardioverter defibrillators. Benefits of pacemakers include durability, the absence of unwanted stimulation of the right ventricle, and advanced automation, including diagnostics. These devices allow remote monitoring of the patient's well-being. However, in 2017, the US Food and Drug Administration (FDA) stated that St. Jude Medical devices have vulnerabilities that could allow a hacker to gain access to the device and drain the battery or change the power of the device [15].

 

Figure 1.  St. Jude Medical pacemaker system architecture

 

The pacemaker installed on the patient's heart sends the patient's data to the monitor and programmer via radio frequency telemetry. Patient monitor (transmitter) collects various information from the pacemaker and sends it regularly to a secure server where the doctor or clinic can view this information. Merlin Programmer is a handheld LCD touch screen computer that allows clinicians to access and analyze patient information during routine follow-up visits and quickly and easily make programming changes to implanted devices. It can connect to a network using the wired ethernet network connection. Merlin.net consists of report generators that are used to convert data read from implanted devices into the same reports generated in the clinic, detect alarm conditions in this data, and repackage device diagnostics and parameters into forms suitable for graphical display and export to Clinic Electronic Health Record (EHR), either sent to the mobile application or displayed on the website [16] – [19].

The Internet of Things has not bypassed the army — intelligent technologies are also used on the battlefields, the so-called Internet of Battle Things (IoBT). Currently, IoT technologies are used in intelligence, logistical support for troops, unmanned warfare, environmental surveillance and include drones, various sensors, vehicles, ammunition, biometric devices, armor and weapons. IoBT devices are widely applied in various military training programs. As new technologies emerge, the range of tasks and capabilities of military “smart devices” is expanding at a rapid pace. However, it is necessary to create secure conditions for data exchange to protect against enemy hacking and disclosure of information.

A well-known development of the US Army is the ATAK (Android Tactical Assault Kit) application, which provides accurate targeting, reconnaissance of the surrounding landscape, situational awareness, navigation, and data exchange. The application presents a Google Maps* map on which marks and icons are laid out according to situational data and military operations. The app includes "Blue Tracking" to see where team members are currently located (which reduces friendly fire incidents and helps coordinate movements) and "Red Tracking" to see where enemy troops and vehicles are located, and it shows terrain, weather, and other topographical elements in real time. Additionally, the exchange of text messages and files (photos and videos) is protected by encryption. ATAK has a base of 250,000 military and civilian users in US public safety agencies and partner countries as of 2020 [20].

 

Figure 2. Android Tactical Assault Kit system architecture

 

For example, location coordinates are collected on various military equipment. The GPS position of the army can be gathered using their walkie-talkies, such as the MPU5, and smartphones. All this location information is transmitted over the MANET network. MANETs (Mobile Ad hoc Networks) are wireless, decentralized, self-organizing networks consisting of mobile devices capable of establishing connections between arbitrary nodes. Such networks are used by the military in the absence of cell towers and infrastructure. The data is then transferred to the server and storage and encrypted, after which commanders can monitor the current military situation through the application.

The Ocean of Things (OoT) program is a military project designed to collect, monitor, and analyze data on the environment and the activities of ships and aircraft over the ocean. Mechanisms have already been installed in the Gulf of Mexico, as well as in the bays of Southern California [21].

The devices are environmentally friendly special buoys powered by a solar battery, equipped with the following sensors: Sea Surface Temperature, GPS Position, Inertial Measurement Unit (IMU), AIS Receiver, Surface Pressure, Relative Humidity, Cloud cover, Software Defined Radio (SDR), Microphone, Hydrophone, Camera, Conductivity.

In addition to military purposes, the sensors will help gather new information for oceanographers, biologists and meteorologists since they transmit real-time information via satellite to the cloud network. Sensors combine data from multiple floats to create a common view.

 

Figure 3. Principle of the Ocean of Things system operation

 

The system has priority sensors (mission sensors), which transmit information and generate reports in real time, and sensors for changing environmental parameters, which send reports periodically.

The raw data is encoded, transferred to the Iridium SBD modem, and sent to the Iridium satellite as an Iridium Mobile Originated (MO) message. The bytes are then transferred to the Naval Information Warfare Center (NIWC) cloud. After that, the bytes are unpacked by the OoT Gov switchboard, where they are decoded with Avro + JSON. This format is then uploaded to the Apache Kafka pub/sub streaming pipeline for user access and control [22].

III. PROPOSED DESIGN METHOD

IoT devices are currently applicable in almost all spheres of human life. From section 2, we can conclude that such technology can collect and process sensitive, confidential government or military information. As can be seen from the diagrams above, the IoT starts with sensors that collect information. They can produce huge amounts of data in the smallest unit of time. All this data must be analyzed, processed, stored and sent to end devices. Thus, the value of the IoT lies in the aggregation of all such sensors and their data.

 

Figure 4. The proposed solution for the implementation of steganography

 

The solution includes a generalized scheme of operation of all IoT devices. For example, information from sensors is collected on an aggregator. Data aggregators can be built-in IoT modules, processors, routers, or satellites [23]. At this stage, information is accumulated and combined, and a complete report is formed from the sensor information. The composite information is much smaller than the separate information from the sensors. Our suggestion for securing the transmitted data is to put this information in a steganographic container after the aggregation stage, in case the data is intercepted.

For example, in Fig. 1 the aggregator is the Merlin Monitor and Merlin Programmer. By collecting electrocardiogram data from the device, it can identify features, send reports, and display alerts in case of anomalies. An electrocardiogram can be hidden in another picture or in an audio message using steganographic embedding.

In the case of the ATAK application, the MANET router is the aggregator that collects information. The collected GPS coordinates of all devices can be hidden in a TCP/IP packet or a picture by steganographic algorithms. The embedded data is then transferred to the server, sent to the storage (data lakes) and extracted for further data processing. An attacker who intercepts data on the channel between the aggregator and the server will see completely different data, pictures, and packets.

IV. RESULTS AND DISCUSSION

Steganography algorithms can differ by the type of container file in which the information will be placed (text, audio, picture, network stream), or by the method used to embed the information.

Since we need to hide large amounts of data that are constantly transmitted to the server, the delays should be minimal, as in the case of a pacemaker that supports human life. Therefore, it is important to choose an algorithm that, firstly, can contain as much secret data as possible, and secondly, does not cause delays in embedding / extraction. Among the methods, the most capacious and simple to implement is LSB (Least Significant Bit). The essence of this algorithm is that the least significant bits of the container (images, audio or video) are replaced by the bits of the hidden message. In the case of audio, the container is broken down into a specific frequency and sampling depth to further embed the secret message. In order to prevent an attacker from intercepting the patient's electrocardiogram during transmission from the edge node to the server.

 

Figure 5. Process of hiding a secret file in a cover picture using the LSB method

 

In this example, the LSB algorithm was used, where only 1 least significant bit was replaced, which did not change the picture visibly. We then used the platform https://blue2digital.com/ to compare the cover image and the resulting image, which stores the electrocardiogram image.

 

Figure 6. The result of the difference between the picture containing the information and the cover

 

This service indicated that the picture containing the cardiogram information deviates from the container by only 0.06%. The human eye will not be able to recognize such minor differences. In the following example, the collected information with GPS coordinates was placed in a fragment of an audio file (a song); the LSB method was also used.

The results were then also checked with the https://blue2digital.com/ service. This service computes the cross-correlation between two WAV files and did not distinguish between the cover audio and the audio with embedded data.

 

Figure 8. The result of the difference between the audio containing the information and the cover

 

This example offers a solution for data collected from GPS and other sensors in systems such as ATAK and Ocean of Things, where confidential data is placed in an audio recording.
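The LSB embedding described in this section, shown for the GPS-in-audio case as an added Python example (it is not the authors' implementation). The 4-byte length header, the function names, the sine-tone cover and the GPS report are constructed assumptions of this example; `difference` reports how many samples changed, analogous to the cover-versus-container comparison above.

```python
import io
import math
import struct
import wave

HEADER_BYTES = 4  # big-endian payload length prefix (a convention of this example)


def make_cover_wav(seconds=1.0, rate=8000, freq=440.0):
    """Constructed cover: mono 16-bit PCM sine tone, returned as WAV file bytes."""
    n = int(seconds * rate)
    tone = [int(12000 * math.sin(2 * math.pi * freq * i / rate)) for i in range(n)]
    params = (1, 2, rate, n, "NONE", "not compressed")
    return _write_samples(params, tone)


def _read_samples(wav_bytes):
    with wave.open(io.BytesIO(wav_bytes), "rb") as w:
        params = w.getparams()
        if params.sampwidth != 2:
            raise ValueError("this example handles 16-bit PCM only")
        frames = w.readframes(params.nframes)
    return params, list(struct.unpack(f"<{len(frames) // 2}h", frames))


def _write_samples(params, samples):
    buf = io.BytesIO()
    with wave.open(buf, "wb") as w:
        w.setparams(params)
        w.writeframes(struct.pack(f"<{len(samples)}h", *samples))
    return buf.getvalue()


def embed(cover_wav, payload):
    """Overwrite the LSB of successive samples with header + payload bits."""
    params, samples = _read_samples(cover_wav)
    data = struct.pack(">I", len(payload)) + payload
    bits = [(byte >> (7 - k)) & 1 for byte in data for k in range(8)]
    if len(bits) > len(samples):
        raise ValueError("payload does not fit: one bit per sample")
    for i, bit in enumerate(bits):
        samples[i] = (samples[i] & ~1) | bit
    return _write_samples(params, samples)


def _bits_to_bytes(bits):
    return bytes(sum(b << (7 - k) for k, b in enumerate(bits[i:i + 8]))
                 for i in range(0, len(bits), 8))


def extract(stego_wav):
    """Read the length header from the LSBs, then that many payload bytes."""
    bits = [s & 1 for s in _read_samples(stego_wav)[1]]
    length = struct.unpack(">I", _bits_to_bytes(bits[:8 * HEADER_BYTES]))[0]
    end = 8 * (HEADER_BYTES + length)
    if end > len(bits):
        raise ValueError("no plausible payload header in this file")
    return _bits_to_bytes(bits[8 * HEADER_BYTES:end])


def difference(cover_wav, stego_wav):
    """Return (fraction of samples changed, largest per-sample change)."""
    a, b = _read_samples(cover_wav)[1], _read_samples(stego_wav)[1]
    deltas = [abs(x - y) for x, y in zip(a, b)]
    return sum(d != 0 for d in deltas) / len(a), max(deltas)
```

Capacity here is one bit per sample, so a one-second 8 kHz mono cover holds just under 1000 bytes; a larger aggregated report needs a longer cover.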

V. CONCLUSION

This article described significant areas of human activity where IoT devices are used, such as medicine and the military. However, like all devices connected to the Internet, IoT devices also have vulnerabilities. We suggested steganographic options for making the transmission channel from the IoT device aggregator to the server more secure in case of data interception by an attacker. The purpose of this technique is to hide the presence of valuable information inside another file, so that the attacker cannot tell that he has confidential data in front of him. In both examples, the LSB algorithm was used, as it has good capacity and will not cause significant delays in the transfer of files with embedded data. The first example showed how to hide a patient's electrocardiogram in another picture. The platform used to compare the pictures showed that their similarity is 99.94%. In the second case, an example with GPS coordinates hidden in an audio file was proposed. The service did not detect the substitution of bits between the original cover audio and the audio with embedded data, yet on extraction the text is completely preserved. Since steganography is based on human perception, an attacker will not be able to recognize visible flaws, noise, or "broken pixels" in files where secret data is stored. This makes it possible to hide the transmitted information and make it undetectable to unauthorized access in case of hacking.

 

*(At the request of Roskomnadzor, we inform you that a foreign person who owns Google information resources is a violator of the legislation of the Russian Federation - ed. note)

 

References:

    1. Harika D., & Mnssvkr G. (2018). IoT Application, A Survey. International Journal of Engineering & Technology, 7 (2.7), 3-6.
    2. Where IoT technologies are most successfully applied: areas and industries. (2018, Dec 3). News IOT Russia.  https://iotconf.ru/ru/article/gde-uspeshnee-vsego-primenyayutsya-tehnologii-iot-sferi-i-otrasli-94781
    3. Christopher B., & Ioanna R., & Nikos K., & Kevin D., & Keith E. (2017). IoT in Agriculture: Designing a Europe-Wide Large-Scale Pilot. IEEE communications magazine, 26-33
    4. Rob van K., S., & Alex, B. (2012). IoT Challenges. Communications in Mobile Computing, 9, 1-4.
    5. Mohammed Sadeeq, M., Abdulkareem. (2021). IoT and Cloud Computing Issues. Qubahan Academic Journal, 1(2), 1–7.
    6. Lo’ai T., & Fadi M., (2020). IoT Privacy and Security: Challenges and Solutions. Fog Computing for Intelligent IoT Applications, 10(12), 1-16.
    7. IoT under fire. (2019, Oct 15). Kaspersky Lab. https://www.kaspersky.com/about/press-releases/2019_iot-under-fire-kaspersky-detects-more-than-100-million-attacks-on-smart-devices-in-h1-2019
    8. Kaspersky: Attacks on IoT devices double in a year. (2021, Sep 7). TechForge Media. https://www.iottechnews.com/news/2021/sep/07/kaspersky-attacks-on-iot-devices-double-in-a-year/
    9. Manju K., Aditya K., Amir H. (2020). Securing Data in IOT.  IEEE Transactions on Systems, Man, and Cybernetics: Systems, 50(1), 73 - 80.
    10. IoT in Healthcare Market. (2020, Jun). IoT in Healthcare. https://www.marketsandmarkets.com/Market-Reports/iot-healthcare-market/
    11. Mohammad M., Walaa M. (2020). An IoT Based Remote Healthcare System. International Journal of Online and Biomedical Engineering, 23(2)
    12. Aksenova E., & Gorbatov S., (2021). Internet of Medical Things. Research Institute of Health Organization, 42(2), 9-36.
    13. 7 examples of how the IOT is facilitating healthcare. (2021, Jan 19). HEALTHCARE AND PHARMACEUTICAL INNOVATION
    14. How OpenAPS works. (2017). OpenAPS community. Retrieved From the OPENAPS.ORG website: https://openaps.org/
    15. FDA confirms that St. Jude's cardiac devices can be hacked. (2017, Jan 9). Technology. https://money.cnn.com/2017/01/09/technology/fda-st-jude-cardiac-hack/
    16.  Software Model MN5000 v6.1 for use on Merlin@home devices. (2017).  Public Health Service. https://www.accessdata.fda.gov/cdrh_docs/pdf3/P030054S223M.pdf
    17. Axel M., Thomas M., (2011). Remote Monitoring in Patients with Pacemakers. Modern Pacemakers - Present and Future. 15(8).
    18. Merlin.net™ Patient Care Network (PCN) Overview. (2020). Merlin.net Patient Care Network. https://www.cardiovascular.abbott/content/dam/bss/divisionalsites/cv/pdf/guides/crm-merlin-net-pcn-overview.pdf
    19. MERLIN@HOME TRANSMITTER SETUP. (2020). Merlin.net Patient Care Network. https://www.cardiovascular.abbott/content/dam/bss/divisionalsites/cv/pdf/guides/CRM-MerlinAtHome-Transmitter-Setup-Guide.pdf
    20. Seffers G. (2015). Defense Department Awakens to Internet of Things. AFCEA, 39(1), 1-6.
    21. Tie Q., Zhao Z., Tong Z.(2020). Underwater IoT in Smart Ocean: System Architecture and Open Issues. IEEE Transactions on Industrial Informatics, 16(7), 4297 - 4307.
    22. Jeff El. (2020). Ocean of Things – Data Overview. Naval Information Warfare Center, 1(1), 1-46.
    23. Perry L. (2018). IoT for Architect. Birmingham, DC: Packt Publishing