Modeling and Analysis of Integrated Proactive Defense Mechanisms for Internet of Things

Ge, Mengmeng; Cho, Jin‐Hee; Ishfaq, Bilal; Kim, Dong-Seong

doi:10.1002/9781119593386.ch10

Cited by 9 publications

(8 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The assessment mainly relies on the involvement of failure modes and recovery strategies for availability evaluation while attack intensities along with recovery of attack damage are the main focus being taken into account for security-aware assessment. Further considerations on security attack methods, security risks, and the effectiveness of different security countermeasures (for instance, Moving Target Defense (MTD) [68,69]) are of our future works. In addition, another extension can be the consideration of both performance and availability assessment (which is roughly called, perform-ability).…”

Section: Further Discussionmentioning

confidence: 99%

A Hierarchical Modeling and Analysis Framework for Availability and Security Quantification of IoT Infrastructures

2020

View full text Add to dashboard Cite

Modeling a complete Internet of Things (IoT) infrastructure is crucial to assess its availability and security characteristics. However, modern IoT infrastructures often consist of a complex and heterogeneous architecture and thus taking into account both architecture and operative details of the IoT infrastructure in a monolithic model is a challenge for system practitioners and developers. In that regard, we propose a hierarchical modeling framework for the availability and security quantification of IoT infrastructures in this paper. The modeling methodology is based on a hierarchical model of three levels including (i) reliability block diagram (RBD) at the top level to capture the overall architecture of the IoT infrastructure, (ii) fault tree (FT) at the middle level to elaborate system architectures of the member systems in the IoT infrastructure, and (iii) continuous time Markov chain (CTMC) at the bottom level to capture detailed operative states and transitions of the bottom subsystems in the IoT infrastructure. We consider a specific case-study of IoT smart factory infrastructure to demonstrate the feasibility of the modeling framework. The IoT smart factory infrastructure is composed of integrated cloud, fog, and edge computing paradigms. A complete hierarchical model of RBD, FT, and CTMC is developed. A variety of availability and security measures are computed and analyzed. The investigation of the case-study’s analysis results shows that more frequent failures in cloud cause more severe decreases of overall availability, while faster recovery of edge enhances the availability of the IoT smart factory infrastructure. On the other hand, the analysis results of the case-study also reveal that cloud servers’ virtual machine monitor (VMM) and virtual machine (VM), and fog server’s operating system (OS) are the most vulnerable components to cyber-security attack intensity. The proposed modeling and analysis framework coupled with further investigation on the analysis results in this study help develop and operate the IoT infrastructure in order to gain the highest values of availability and security measures and to provide development guidelines in decision-making processes in practice.

show abstract

Section: Further Discussionmentioning

confidence: 99%

A Hierarchical Modeling and Analysis Framework for Availability and Security Quantification of IoT Infrastructures

2020

View full text Add to dashboard Cite

show abstract

“…Recently, Ge et al [54] discussed a GA-based approach for optimizing the network shuffling in an SDN-based IoT network. In this work, the authors considered two types of the IoT nodes (e.g., decoy and real nodes), and designed three metrics, including the number of attack paths towards the decoy targets, mean time to security failure, and defense cost.…”

Section: B Genetic Algorithm-based Mtdmentioning

confidence: 99%

Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense

Cho

Sharma

Alavizadeh

et al. 2020

IEEE Commun. Surv. Tutorials

Self Cite

203

View full text Add to dashboard Cite

Reactive defense mechanisms, such as intrusion detection systems, have made significant efforts to secure a system or network for the last several decades. However, the nature of reactive security mechanisms has limitations because potential attackers cannot be prevented in advance. We are facing a reality with the proliferation of persistent, advanced, intelligent attacks while defenders are often way behind attackers in taking appropriate actions to thwart potential attackers. The concept of moving target defense (MTD) has emerged as a proactive defense mechanism aiming to prevent attacks. In this work, we conducted a comprehensive, in-depth survey to discuss the following aspects of MTD: key roles, design principles, classifications, common attacks, key methodologies, important algorithms, metrics, evaluation methods, and application domains. We discuss the pros and cons of all aspects of MTD surveyed in this work. Lastly, we highlight insights and lessons learned from this study and suggest future work directions. The aim of this paper is to provide the overall trends of MTD research in terms of critical aspects of defense systems for researchers who seek for developing proactive, adaptive MTD mechanisms.

show abstract

“…In addition to having sufficient knowledge of malware, exploits and network protocols, they need to be able to navigate the vast quantities of data, including logs, metadata, and packet capture (PCAP) data. Proactive defence has received a research focus in recent years [2] [3].…”

Section: Introductionmentioning

confidence: 99%

“…As a result, reactive mechanisms are far behind and are not be able to handle actions taken by clever adversaries. However, there is proactive defense that has been designed to detect potential attackers and/or mitigate the impact of intrusions ahead of their penetration like IPSs [3].…”

Section: Introductionmentioning

confidence: 99%

Turning the Hunted into the Hunter via Threat Hunting: Life Cycle, Ecosystem, Challenges and the Great Promise of AI

Hillier¹,

Karroubi²

2022

Preprint

View full text Add to dashboard Cite

The threat hunting lifecycle is a complex atmosphere that requires special attention from professionals to maintain security. This paper is a collection of recent work that gives a holistic view of the threat hunting ecosystem, identifies challenges, and discusses the future with the integration of artificial intelligence (AI). We specifically establish a life cycle and ecosystem for privacy-threat hunting in addition to identifying the related challenges. We also discovered how critical the use of AI is in threat hunting. This work paves the way for future work in this area as it provides the foundational knowledge to make meaningful advancements for threat hunting.

show abstract

Modeling and Analysis of Integrated Proactive Defense Mechanisms for Internet of Things

Cited by 9 publications

References 26 publications

A Hierarchical Modeling and Analysis Framework for Availability and Security Quantification of IoT Infrastructures

A Hierarchical Modeling and Analysis Framework for Availability and Security Quantification of IoT Infrastructures

Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense

Turning the Hunted into the Hunter via Threat Hunting: Life Cycle, Ecosystem, Challenges and the Great Promise of AI

Contact Info

Product

Resources

About