In recent years, Internet of Things (IoT) devices have been extensively deployed in edge networks, including smart homes and offices. Despite the exciting opportunities afforded by the advancements in the IoT, it also introduces new attack vectors and vulnerabilities in the system. Existing studies have shown that the attack graph is an effective model for performing system-level analysis of IoT security. In this paper, we study IoT system vulnerability analysis and network hardening. We first extend the concept of attack graph to weighted attack graph and design a novel algorithm for computing a shortest attack trace in a weighted attack graph. We then formulate the network hardening problem. We prove that this problem is NP-hard, and then design an exact algorithm and a heuristic algorithm to solve it. Extensive experiments on 9 synthetic IoT systems and 2 real-world smart home IoT testbeds demonstrate that our shortest attack trace algorithm is robust and fast, and our heuristic network hardening algorithm is efficient in producing near optimal results compared to the exact algorithm.
more »
« less
Active Attack Detection and Control in Constrained Cyber-Physical Systems Under Prevented Actuation Attack
- Award ID(s):
- 1932530
- NSF-PAR ID:
- 10357858
- Date Published:
- Journal Name:
- 2021 American Control Conference (ACC)
- Page Range / eLocation ID:
- 3242 to 3247
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.23919/ACC50511.2021.9483322
