A Moving Target Defense Strategy for Internet of Things Cybersecurity

Internet of Things (IoT) systems are becoming more common and present in our daily lives. The increase of Internet-connected devices has caused attackers to focus their attention more on these devices. Therefore, new and more sophisticated attacks on IoT systems are discovered every day. Currently, to ensure reliability and operability, most IoT systems are designed to operate in a relatively static configuration in a highly heterogeneous environment. However, a system that does not continuously change its configurations, i.e., a static system, gives an advantage to attackers; with enough time and resources, an attacker will eventually find and exploit the vulnerabilities of any static target. This work proposes a Moving Target Defense (MTD) strategy that randomly shuffles the communication protocols through which a node communicates to a gateway in an IoT network. The system's configuration changes have an associated cost. The objective of the proposed MTD strategy in this work is to balance the increase in system performance overhead, the increase in business impact (system unavailability), and, at the same time, the decrease in the probability of success of a given attack. A framework is proposed to design this strategy; this framework can guide any MTD strategy for IoT systems. The framework's objective is to find, after several iterations, the MTD strategy parameters that achieve a balance between five different measurable variables of an IoT system.