A Moving Target Defense Strategy for Internet of Things Cybersecurity

Mercado-Velazquez, Andres Aharhel; Escamilla-Ambrosio, Ponciano Jorge; Ortiz-Rodríguez, Floriberto

doi:10.1109/access.2021.3107403

Cited by 12 publications

(4 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Out of the above-mentioned related works, refs. [18,20,53,54,56,57] among previous game theory studies and [64,66] among previous IoT-enabled MTD studies provided the main inspirations for this study. Accordingly, to alleviate the above-mentioned limitations, we proposed IoDM, a systematic IoT deception model based on PBNE and BSSG and a partial signaling-based general sum game foreground and a POMDP state-transition background.…”

Section: Taxonomy Analysis By Previous Studies For Proposed Modelmentioning

confidence: 88%

“…Kyi et al [65] proposed the directivity of proactive framework designs related to IP address shuffling in the IoT communication layer and code diversification in the data layer. Mercado et al [66] randomized the communication protocol between nodes and gateways in the IoT network to propose an MTD strategy and an architecture that minimizes the asymmetric spatiotemporal dominance of attackers and the defender's system performance overhead based on multiple-criteria decision analysis. Based on the previous studies, using the MTD strategy parameter, we could prove the levels of the efficiency of proactive defense against DDoS attacks targeting IoT networks and the conceptual approaches for future optimization based on game theories and genetic algorithms.…”

Section: Mtd-based Defensive Deception Techniques For Iotmentioning

confidence: 99%

See 1 more Smart Citation

IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition

Seo

Kim

2022

Electronics

View full text Add to dashboard Cite

Moving target defense (MTD) and decoy strategies, measures of active defense, were introduced to secure both the proactive security and reactive adaptability of internet-of-things (IoT) networks that have been explosively applied to various industries without any strong security measures and to mitigate the side effects of threats. However, the existing MTD and decoy strategies are limited to avoiding the attacker’s reconnaissance and initial intrusion attempts through simple structural mutations or inducing the attackers to a static trap based on the deceptive path and lack approaches to adaptively optimize IoT in consideration of the unique characteristic information by the domain of IoT. Game theory-based and decoy strategies are other options; however, they do not consider the dynamicity and uncertainty of the decision-making stages by the organizational agent related to the IoT domains. Therefore, in this paper, we present a type of organizational deception modeling, namely IoT-based organizational deception modeling (IoDM), which considers both the dynamic topologies and organizational business fingerprints customized in the IoT domain and operational purpose. For this model, we considered the practical scalability of the existing IoT-enabled MTD and decoy concepts and formulated the partially incomplete deceptive decision-making modeling for the cyber-attack and defense competition for IoT in real-time based on the general-sum game. According to our experimental results, the efficiency of the deceptive defense of the IoT defender could be improved by 70% on average while deriving the optimal defense cost compared to the increased defense performance. The findings of this study will improve the deception performances of MTD and decoy strategies by IoT scenarios related to various operational domains such as smart home networks, industrial networks, and medical networks. To the best of our knowledge, this study has employed social-engineering IoT knowledge and general-sum game theory for the first time.

show abstract

Section: Taxonomy Analysis By Previous Studies For Proposed Modelmentioning

confidence: 88%

Section: Mtd-based Defensive Deception Techniques For Iotmentioning

confidence: 99%

IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition

Seo

Kim

2022

Electronics

View full text Add to dashboard Cite

show abstract

“…A very recent study (Mercado-Velázquez et al, 2021) targets specifically this trade-off, and proposes a framework that employs MTD by randomly shuffling the communication protocols between IoT nodes and an IoT gateway. The strategy proposed aims to balance the increased overhead resulting from the use of an MTD approach and its impact on system availability with minimising the chance attack success.…”

Section: Moving Target Defence (Mtd)mentioning

confidence: 99%

Risk and threat mitigation techniques in internet of things (IoT) environments: a survey

Salayma

2024

Front. Internet Things

View full text Add to dashboard Cite

Security in the Internet of Things (IoT) remains a predominant area of concern. Although several other surveys have been published on this topic in recent years, the broad spectrum that this area aims to cover, the rapid developments and the variety of concerns make it impossible to cover the topic adequately. This survey updates the state of the art covered in previous surveys and focuses on defences and mitigations against threats rather than on the threats alone, an area that is less extensively covered by other surveys. This survey has collated current research considering the dynamicity of the IoT environment, a topic missed in other surveys and warrants particular attention. To consider the IoT mobility, a life-cycle approach is adopted to the study of dynamic and mobile IoT environments and means of deploying defences against malicious actors aiming to compromise an IoT network and to evolve their attack laterally within it and from it. This survey takes a more comprehensive and detailed step by analysing a broad variety of methods for accomplishing each of the mitigation steps, presenting these uniquely by introducing a “defence-in-depth” approach that could significantly slow down the progress of an attack in the dynamic IoT environment. This survey sheds a light on leveraging redundancy as an inherent nature of multi-sensor IoT applications, to improve integrity and recovery. This study highlights the challenges of each mitigation step, emphasises novel perspectives, and reconnects the discussed mitigation steps to the ground principles they seek to implement.

show abstract

“…Many research efforts have been devoted to developing efficient MTD mechanisms, architectures, and strategies. Existing efforts target specific technologies such as Cloud [43], Software Defined Networks (SDN) [42,[44][45][46], SCADA systems, and IoT [47]. Despite this diversity, most developed technologies share common procedural guidelines and stages.…”

Section: Motivationmentioning

confidence: 99%

A Comprehensive Architectural Framework of Moving Target Defenses Against DDoS Attacks

Amro

Salah

Moreb³

2023

JCSANDM

View full text Add to dashboard Cite

Distributed Denial-of-Service (DDoS) attacks are among the top toughest security threats in today’s cyberspace. The multitude, diversity, and variety of both the attacks and their countermeasures have the consequence that no optimal solutions exist. However, many mitigation techniques and strategies have been proposed among which is Moving Target Defense (MTD). MTD strategy keeps changing the system states and attack surface dynamically by continually applying various systems reconfigurations aiming at increasing the uncertainty and complexity for attackers. Current proposals of MTD fall into one of three strategies: shuffling, diversity, and redundancy, based on what to move? how to move? and when to move? Despite the existence of such strategies, a comprehensive Framework for MTD techniques against DDoS attacks that can be used for all types of DDoS attacks has not been proposed yet. In this paper, we propose a novel and comprehensive Framework of MTD techniques considering all stages, mechanisms, data sources, and criteria adopted by the research community, the Framework will apply to all DDoS attacks on different systems. To efficiently use our proposed model, a comprehensive taxonomy of MTD mitigation techniques and strategies is also provided and can be used as a reference guide for the best selection of the model’s parameters.

show abstract

A Moving Target Defense Strategy for Internet of Things Cybersecurity

Cited by 12 publications

References 10 publications

IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition

IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition

Risk and threat mitigation techniques in internet of things (IoT) environments: a survey

A Comprehensive Architectural Framework of Moving Target Defenses Against DDoS Attacks

Contact Info

Product

Resources

About