A Moving Target Defense Strategy for Internet of Things Cybersecurity

Author(s):

Andres Aharhel Mercado-Velazquez Ponciano Jorge Escamilla-Ambrosio Floriberto Ortiz-Rodriguez

Journal

Institute of Electrical and Electronics Engineers (IEEE)

Abstract

This work proposes a Moving Target Defense (MTD) strategy that randomly shuffles the communication protocols through which a node communicates to a gateway in an IoT network. The system’s configuration changes have an associated cost. The objective of the proposed MTD strategy in this work is to balance the increase in system performance overhead, the increase in business impact (system unavailability), and, at the same time, the decrease in the probability of success of a given attack. A framework is proposed to design this strategy; this framework can guide any MTD strategy for IoT (Internet of Things) systems. The framework’s objective is to find, after several iterations, the MTD strategy parameters that achieve a balance between five different measurable variables of an IoT system.

Concluding remarks

The framework uses multiple-criteria decision analysis to determine the best solution (balance) given a set of parameters (elements of an MTD strategy) and goals (policies). In this work, we designed an MTD strategy for the chosen IoT use case that reduces by 70% the probability of success of a denial-of-service attack that exploits vulnerabilities in IoT wireless communication protocols, assuming that the probability of success of such attack is equal to 1, i.e., 100% if the MTD strategy is not implemented.
In addition, on average, considering CPU time, power consumption, and memory usage, the designed strategy increases system overhead by only 19% compared to the system performance when it is not running any MTD strategy. Finally, the designed strategy affects the service availability by only 2%, compared to 0% of service interruption time when the system does not execute any MTD strategy.

Reference details

DOI

10.1109/ACCESS.2021.3107403

Resource type

Journal Article

Year of Publication

2021

ISSN Number

2169-3536

Publication Area

Cybersecurity and defense

Date Published

2021

URL

https://ieeexplore.ieee.org/ab…

How to cite this reference:

Mercado-Velazquez, A. A., Escamilla-Ambrosio, P. J., & Ortiz-Rodriguez, F. (2021). A Moving Target Defense Strategy for Internet of Things Cybersecurity. Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/ACCESS.2021.3107403 (Original work published 2021)