File(s) under permanent embargo
Proactive defense mechanisms for the software-defined Internet of Things with non-patchable vulnerabilities
Version 2 2024-06-13, 13:24Version 2 2024-06-13, 13:24
Version 1 2019-11-18, 11:59Version 1 2019-11-18, 11:59
journal contribution
posted on 2024-06-13, 13:24 authored by M Ge, JB Hong, SE Yusuf, DS Kim© 2017 Elsevier B.V. The Internet of Things (IoT) contains a large number of heterogeneous devices with a variety of vulnerabilities. As the vulnerabilities can be exploited by the attackers to break into the system, it is of vital importance to patch all vulnerabilities. However, some vulnerabilities are impossible to patch (e.g., forever-day vulnerabilities). In order to deal with non-patchable vulnerabilities, we propose to change the attack surface of the IoT network to increase the attack effort. With the support of software-defined networking (SDN), we develop two proactive defense mechanisms that reconfigure the IoT network topology. We analyze how the security and performance change when the proposed solutions are deployed by using a graphical security model and various metrics in simulations. The results show our proactive defense mechanisms in the SD-IoT effectively increase the attack effort, while maintaining the average shortest path length.
History
Journal
Future Generation Computer SystemsVolume
78Pagination
568-582Location
Amsterdam, The NetherlandsPublisher DOI
ISSN
0167-739XLanguage
engPublication classification
C1.1 Refereed article in a scholarly journalIssue
2Publisher
ElsevierUsage metrics
Categories
Keywords
Licence
Exports
RefWorksRefWorks
BibTeXBibTeX
Ref. managerRef. manager
EndnoteEndnote
DataCiteDataCite
NLMNLM
DCDC