Deployment Optimization of IoT Devices through Attack Graph Analysis

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

15 Scopus citations

Abstract

The Internet of things (IoT) has become an integral part of our life at both work and home. However, these IoT devices are prone to vulnerability exploits due to their low cost, low resources, the diversity of vendors, and proprietary firmware. Moreover, short range communication protocols (e.g., Bluetooth or ZigBee) open additional opportunities for the lateral movement of an attacker within an organization. Thus, the type and location of IoT devices may significantly change the level of network security of the organizational network. In this paper, we quantify the level of network security based on an augmented attack graph analysis that accounts for the physical location of IoT devices and their communication capabilities. We use the depth-first branch and bound (DFBnB) heuristic search algorithm to solve two optimization problems: Full Deployment with Minimal Risk (FDMR) and Maximal Utility without Risk Deterioration (MURD). An admissible heuristic is proposed to accelerate the search. The proposed method is evaluated using a real network with simulated deployment of IoT devices. The results demonstrate (1) the contribution of the augmented attack graphs to quantifying the impact of IoT devices deployed within the organization on security, and (2) the effectiveness of the optimized IoT deployment.

Original languageEnglish
Title of host publicationWiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks
PublisherAssociation for Computing Machinery, Inc
Pages192-202
Number of pages11
ISBN (Electronic)9781450367264
DOIs
StatePublished - 15 May 2019
Event12th Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2019 - Miami, United States
Duration: 15 May 201917 May 2019

Publication series

NameWiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks

Conference

Conference12th Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2019
Country/TerritoryUnited States
CityMiami
Period15/05/1917/05/19

Keywords

  • Attack graphs
  • Internet of Things
  • IoT deployment
  • Optimization
  • Short-Range Communication

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Deployment Optimization of IoT Devices through Attack Graph Analysis'. Together they form a unique fingerprint.

Cite this