Title
Integrated Proactive Defense for Software Defined Internet of Things under Multi-Target Attacks
Abstract
Due to the constrained resource and computational limitation of many Internet of Things (IoT) devices, conventional security protections, which require high computational overhead, are not suitable to be deployed. Thus, vulnerable IoT devices could be easily exploited by attackers to break into networks. In this paper, we employ cyber deception and moving target defense (MTD) techniques to proactively change the network topology with both real and decoy nodes with the support of software-defined networking (SDN) technology and investigate the impact of single-target and multi-target attacks on the effectiveness of the integrated mechanism via a hierarchical graphical security model with security metrics. We also implement a web-based visualization interface to show topology changes with highlighted attack paths. Finally, the qualitative security analysis is performed for a small-scale and SDN-supported IoT network with different combinations of decoy types and levels of attack intelligence. Simulation results show the integrated defense mechanism can introduce longer mean-time-to-security-failure and larger attack impact under the multi-target attack, compared with the single-target attack model. In addition, adaptive shuffling has better performance than fixed interval shuffling in terms of a higher proportion of decoy paths, longer mean-time-to-security-failure and largely reduced defense cost.
Year
2020
DOI
10.1109/CCGrid49817.2020.00-12
Venue
2020 20th IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing (CCGRID)
Keywords
Moving Target Defense, Cyber Deception, Internet of Things, Graphical Security Model
DocType
Conference
ISBN
978-1-7281-6095-5
Citations
0
PageRank
0.34
References
0
Authors
3
Name
Order
Citations
PageRank
Weilun Liu100.34
Mengmeng Ge2486.41
Dong Seong Kim386693.34