Deakin University
Browse

File(s) under permanent embargo

Proactive defense mechanisms for the software-defined Internet of Things with non-patchable vulnerabilities

Version 2 2024-06-13, 13:24
Version 1 2019-11-18, 11:59
journal contribution
posted on 2024-06-13, 13:24 authored by M Ge, JB Hong, SE Yusuf, DS Kim
© 2017 Elsevier B.V. The Internet of Things (IoT) contains a large number of heterogeneous devices with a variety of vulnerabilities. As the vulnerabilities can be exploited by the attackers to break into the system, it is of vital importance to patch all vulnerabilities. However, some vulnerabilities are impossible to patch (e.g., forever-day vulnerabilities). In order to deal with non-patchable vulnerabilities, we propose to change the attack surface of the IoT network to increase the attack effort. With the support of software-defined networking (SDN), we develop two proactive defense mechanisms that reconfigure the IoT network topology. We analyze how the security and performance change when the proposed solutions are deployed by using a graphical security model and various metrics in simulations. The results show our proactive defense mechanisms in the SD-IoT effectively increase the attack effort, while maintaining the average shortest path length.

History

Journal

Future Generation Computer Systems

Volume

78

Pagination

568-582

Location

Amsterdam, The Netherlands

ISSN

0167-739X

Language

eng

Publication classification

C1.1 Refereed article in a scholarly journal

Issue

2

Publisher

Elsevier