research-article Free Access
- Authors:
- Zubaida Rehman, RMIT University, Australia
- Iqbal Gondal, RMIT University, Australia
- Mengmeng Ge, University of Canterbury, New Zealand
- Hai Dong, RMIT University, Australia
- Mark Gregory, RMIT University, Australia
- Zahir Tari, RMIT University, Australia
Computers and Security, Volume 139, Issue C, Apr 2024, https://doi.org/10.1016/j.cose.2023.103685
Published: 16 May 2024
Abstract
The Internet of Things (IoT) has become increasingly prevalent in various aspects of our lives, enabling billions of devices to connect and communicate seamlessly. However, the intricate nature of IoT connections and device vulnerabilities exposes the devices to security threats. To address the security challenges, we propose a proactive defense framework that leverages a model-based approach for security analysis and facilitates the defense strategies. Our proposed approach incorporates proactive defense mechanisms that combine Moving Target Defense techniques with cyber deception. The proposed approach involves the use of decoy nodes as a deception technique and operating system based diversity as a moving target defense strategy to change the attack surface area of IoT networks. Additionally, we introduce a technique known as Important Measure-based Operating System Diversity to reduce defense cost. The effectiveness of the defense mechanisms was evaluated by using a graphical security model in a Software Defined Networking-based IoT network. Simulation results demonstrate the effectiveness of our approach in mitigating the impact of attacks while maintaining high performance levels in IoT networks.
Published in
Computers and Security, Volume 139, Issue C, Apr 2024, 874 pages
ISSN: 0167-4048
Publisher
Elsevier Advanced Technology Publications, United Kingdom
Author Tags
- Internet of things
- Moving target defense
- Graphical security models
- Diversity