Deployment Optimization of IoT Devices through Attack Graph Analysis


1 Deployment Optimization of IoT Devices through Attack Graph Analysis
Noga Agmon Supervisors: Dr. Rami Puzis, Dr. Asaf Shabtai Dept. of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Israel

2 Example

3 Example

4 Example

5 Example

6 Research Goals Investigate the security implications of different IoT deployments. Develop an algorithm to find the deployment with the minimum security risk (optimal deployment).

7 Example

8 Example Attack Graph Attack Path

9 Attack Graph – Background
Model of a computer network that encompasses computer connectivity, vulnerabilities, assets, and exploits. Used to represent collections of complex multi-step attack scenarios. A security analyst can assess the risks of potential intrusions and devise effective protective strategies by analyzing the attack graph. Three main stages: (1) network and vulnerability scanning, (2) attack graph modeling, and (3) attack graph analysis.

10 Attack Graph - Structure
[Figure: attack graph for a network A1, H1, H2, H3, G, with nodes numbered 1 to 14. Fact nodes: Attacker in A1; H1 Vul 1; H2 Vul 2; H3 Vul 3; G Vul 4. Exploit nodes: Exp H1; Exp H2; Exp H1 → H3; Exp H2 → H3; Exp H3 → G. Privilege nodes: Attacker Control H1; Attacker Control H2; Attacker Control H3; Attacker Control G.]

11 Attack Graph - Structure
[Figure: the same attack graph (fact nodes, exploit nodes and privilege nodes for A1, H1, H2, H3 and G, numbered 1 to 14), with an attack path marked.]

12 IoT Attack Graphs IoT devices introduce additional challenges to attack graphs: Diverse physical locations, Variety of short-range communication protocols, Cyber-physical capabilities of the devices, Mobility, etc.

13 IoT Attack Graphs Short-range communication protocols – The number of protocols in the device can influence the security. A hacker can take advantage of a compromised device and use the other protocols as entry points to the network. Physical location – The location of an IoT device can bridge between networks through short-range communication protocols.

14 IoT Attack Graphs We augmented the attack graph to model short-range communication protocols. We define possible connectivity between devices based on their locations and supported protocols. The connection range of an IoT device deployed in a location can be estimated based on the radio specification of the device.

15 Risk Score A way to quantify the security of a network.
There are many methods to measure the security risk using an attack graph. For example, likelihood of attack, number of exploits needed, etc.

16 Our Risk Score The risk increases as the possible attack paths become shorter and as more of the shortest attack paths are added. We choose to calculate the shortest attack paths, taking their length and quantity into consideration. Our method for calculating risk score is sensitive to small changes in different deployments.

17 Problem Definition We solved two optimization problems.
Full Deployment with Minimal Risk (FDMR): all required IoT devices should be deployed with minimal security implications. Maximal Utility without Risk Deterioration (MURD): the maximal number of IoT devices that can be deployed without increasing the security risk of the network.

18 Heuristic Search
[Figure: Empty Deployment; Full Deployment 1, Full Deployment 2, ..., Full Deployment n.] Reminder: FDMR: Full Deployment with Minimal Risk. MURD: Maximal Utility without Risk Deterioration.

19 Heuristic Search We used depth-first branch and bound (DFBnB).
DFBnB prunes subtrees of the search space where there is no point to expand. In order to perform pruning more frequently and thus accelerate the search process, DFBnB uses a heuristic function.

20 Heuristic Function In an informed way, heuristics help the algorithm guess which child out of all of the node's children will lead to the goal. A heuristic is an estimation of the cost of the path from node 𝑛 to a goal node.

21 Our Heuristic Function
Table of risk scores containing the risk scores for each IoT device in each possible location. For each deployment, we update the table, removing the IoT device that was deployed or not allowed to be deployed.

22 Our Heuristic Function
FDMR: Chooses the cell with the highest risk score in the table. MURD: Counts the number of IoT devices with the same risk score as the root state.
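The ideas from slides 14, 16 and 19 (connectivity from location and radio range, a shortest-path risk score, DFBnB over deployments) combined in one added example; it is not the authors' code. The host names, coordinates, ranges, the one-node-per-host graph and the (-length, count) score are assumptions made for illustration, and the bound used is the partial deployment's own risk rather than the table heuristic of slides 21 and 22.

```python
from collections import deque
from math import dist, inf
# Constructed sample data (not from the presentation); one graph node per host.
EDGES = {"A": {"H1"}, "H1": {"H2"}, "H2": {"H3"}, "H3": {"G"}}  # u can exploit v
HOSTS = {"A": ((0, 0), {"bt": 10}), "H1": ((0, 30), {}), "H2": ((30, 30), {"zigbee": 20}),
         "H3": ((30, 0), {}), "G": ((15, 0), {"zigbee": 20})}  # (x, y) m, {protocol: range m}
DEVICES = {"hub": {"bt": 10, "zigbee": 20}, "bulb": {"zigbee": 20}}
LOCATIONS = {"lobby": (8, 0), "lab": (25, 15), "roof": (0, 60)}

def build(deployment):
    """Add deployed devices; assume any in-range link on a shared protocol is usable."""
    nodes = {**HOSTS, **{d: (LOCATIONS[x], DEVICES[d]) for d, x in deployment.items()}}
    graph = {n: set(EDGES.get(n, ())) for n in nodes}
    for d in deployment:
        dpos, dradios = nodes[d]
        for n, (pos, radios) in nodes.items():
            shared = radios.keys() & dradios.keys()
            if n != d and any(dist(pos, dpos) <= min(radios[p], dradios[p]) for p in shared):
                graph[d].add(n)
                graph[n].add(d)
    return graph

def risk(deployment, src="A", goal="G"):
    """Assumed score: (-length, count) of shortest attack paths; larger is riskier."""
    graph = build(deployment)
    depth, count, queue = {src: 0}, {src: 1}, deque([src])
    while queue:  # breadth-first search that also counts shortest paths
        u = queue.popleft()
        for v in graph[u]:
            if v not in depth:
                depth[v], count[v] = depth[u] + 1, 0
                queue.append(v)
            if depth[v] == depth[u] + 1:
                count[v] += count[u]
    return (-depth.get(goal, inf), count.get(goal, 0))

def fdmr(devices=tuple(DEVICES)):
    """DFBnB: place every device, one per location, with minimal risk."""
    best = [(inf, inf), None]
    def search(i, placed):
        r = risk(placed)
        if r >= best[0]:  # bound: this score never drops when a device is added
            return
        if i == len(devices):
            best[:] = [r, placed]
            return
        for loc in [x for x in LOCATIONS if x not in placed.values()]:
            search(i + 1, {**placed, devices[i]: loc})
    search(0, {})
    return best
```

In this constructed layout the two-radio hub placed in the lobby bridges the attacker's host to the goal and cuts the shortest attack path from four steps to two, so the search settles on the roof for the hub.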

23 Experimental Setup We solved the two problems as optimization problems. Organization Network – We took the network of a real organization, consisting of 24 hosts. Simulations – We simulated the IoT devices and the physical locations of the hosts.

24 Experimental Setup Number of Executions – We executed the experiments forty times, simulating different physical locations each time. All results are the average results of all executions. Random Deployment – For comparison, we also ran both problems randomly as a baseline. FDMR – Randomly deployed all required IoT devices. MURD – Added a device randomly and computed the risk score. We started with no IoT devices deployed and continued until full deployment. This random baseline was executed the same number of times as our algorithm (forty times).

25 Results
Problem | DFBnB Time (min) | DFBnB Risk Score (std) | DFBnB Devices Deployed (std) | Random Deployment Risk Score (std) | Random Deployment Devices Deployed (std)
FDMR | 36.20 | 1229 (239.41) | 6 (0) | (370.82) |
MURD | 3.88 | 1032 (0) | 4.40 (1.13) | (364.74) | 4 (0)
The risk score of the initial state (with no IoT devices) is 1032.

26 Results
Problem | DFBnB Time (min) | DFBnB Risk Score (std) | DFBnB Devices Deployed (std) | Random Deployment Risk Score (std) | Random Deployment Devices Deployed (std)
FDMR | 36.20 | 1229 (239.41) | 6 (0) | (370.82) |
MURD | 3.88 | 1032 (0) | 4.40 (1.13) | (364.74) | 4 (0)
The risk score of the initial state (with no IoT devices) is 1032. FDMR problem - an increase of 19% compared to initial state. In the random deployment the increase was 44%.

27 Results
Problem | DFBnB Time (min) | DFBnB Risk Score (std) | DFBnB Devices Deployed (std) | Random Deployment Risk Score (std) | Random Deployment Devices Deployed (std)
FDMR | 36.20 | 1229 (239.41) | 6 (0) | (370.82) |
MURD | 3.88 | 1032 (0) | 4.40 (1.13) | (364.74) | 4 (0)
The risk score of the initial state (with no IoT devices) is 1032. FDMR problem - an increase of 19% compared to initial state. In the random deployment the increase was 44%. MURD problem - on average, four to five devices can be deployed without any change in the risk score. When deploying four devices randomly the risk score is 1539 (increase of 49%).

28 Additional Results Trade-off between the allowed risk of the IoT deployment and the maximal number of IoT devices that can be deployed.

29 Conclusion Planning the deployment of IoT devices is important.
Randomly deploying devices can greatly affect the security of the organization's network. Novel method for suggesting the optimal deployment (in terms of the security risk) of a set of IoT devices within an organization.

30 Future Work Develop heuristic functions for additional risk scores.
Add cyber-physical capabilities and unique functionalities to the IoT devices.

31 Discussion / Questions
Thank You

