TY - JOUR
T1 - A Moving Target Defense Strategy for Internet of Things Cybersecurity
AU - Mercado-Velazquez, Andres Aharhel
AU - Escamilla-Ambrosio, Ponciano Jorge
AU - Ortiz-Rodriguez, Floriberto
N1 - Publisher Copyright: © 2013 IEEE.
PY - 2021
Y1 - 2021
N2 - Internet of Things (IoT) systems are becoming more common and present in our daily lives. The increase of Internet-connected devices has caused attackers to focus their attention more on these devices. Therefore, new and more sophisticated attacks on IoT systems are discovered every day. Currently, to ensure reliability and operability, most IoT systems are designed to operate in a relatively static configuration in a highly heterogeneous environment. However, a system that does not continuously change its configurations, i.e., a static system, gives an advantage to attackers; with enough time and resources, an attacker will eventually find and exploit the vulnerabilities of any static target. This work proposes a Moving Target Defense (MTD) strategy that randomly shuffles the communication protocols through which a node communicates to a gateway in an IoT network. The system's configuration changes have an associated cost. The objective of the proposed MTD strategy in this work is to balance the increase in system performance overhead, the increase in business impact (system unavailability), and, at the same time, the decrease in the probability of success of a given attack. A framework is proposed to design this strategy; this framework can guide any MTD strategy for IoT systems. The framework's objective is to find, after several iterations, the MTD strategy parameters that achieve a balance between five different measurable variables of an IoT system.
KW - Internet of Things
KW - Moving target defense
KW - cybersecurity
KW - framework
UR - http://www.scopus.com/inward/record.url?scp=85113823734&partnerID=8YFLogxK
U2 - 10.1109/ACCESS.2021.3107403
DO - 10.1109/ACCESS.2021.3107403
M3 - Article
AN - SCOPUS:85113823734
SN - 2169-3536
VL - 9
SP - 118406
EP - 118418
JO - IEEE Access
JF - IEEE Access
M1 - 9521488
ER -