GRAVITAS: Graphical Reticulated Attack Vectors for Internet-of-Things
Aggregate Security
- URL: http://arxiv.org/abs/2106.00073v1
- Date: Mon, 31 May 2021 19:35:23 GMT
- Title: GRAVITAS: Graphical Reticulated Attack Vectors for Internet-of-Things
Aggregate Security
- Authors: Jacob Brown, Tanujay Saha, Niraj K. Jha
- Abstract summary: Internet-of-Things (IoT) and cyber-physical systems (CPSs) may consist of thousands of devices connected in a complex network topology.
We describe a comprehensive risk management system, called GRAVITAS, for IoT/CPS that can identify undiscovered attack vectors.
- Score: 5.918387680589584
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Internet-of-Things (IoT) and cyber-physical systems (CPSs) may consist of
thousands of devices connected in a complex network topology. The diversity and
complexity of these components present an enormous attack surface, allowing an
adversary to exploit security vulnerabilities of different devices to execute a
potent attack. Though significant efforts have been made to improve the
security of individual devices in these systems, little attention has been paid
to security at the aggregate level. In this article, we describe a
comprehensive risk management system, called GRAVITAS, for IoT/CPS that can
identify undiscovered attack vectors and optimize the placement of defenses
within the system for optimal performance and cost. While existing risk
management systems consider only known attacks, our model employs a machine
learning approach to extrapolate undiscovered exploits, enabling us to identify
attacks overlooked by manual penetration testing (pen-testing). The model is
flexible enough to analyze practically any IoT/CPS and provide the system
administrator with a concrete list of suggested defenses that can reduce system
vulnerability at optimal cost. GRAVITAS can be employed by governments,
companies, and system administrators to design secure IoT/CPS at scale,
providing a quantitative measure of security and efficiency in a world where
IoT/CPS devices will soon be ubiquitous.
Related papers
- Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC)
ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic.
We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
arXiv Detail & Related papers (2024-11-21T18:26:05Z) - SoK: A Systems Perspective on Compound AI Threats and Countermeasures [3.458371054070399]
We discuss different software and hardware attacks applicable to compound AI systems.
We show how combining multiple attack mechanisms can reduce the threat model assumptions required for an isolated attack.
arXiv Detail & Related papers (2024-11-20T17:08:38Z) - FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical Grids [53.2306792009435]
FaultGuard is the first framework for fault type and zone classification resilient to adversarial attacks.
We propose a low-complexity fault prediction model and an online adversarial training technique to enhance robustness.
Our model outclasses the state-of-the-art for resilient fault prediction benchmarking, with an accuracy of up to 0.958.
arXiv Detail & Related papers (2024-03-26T08:51:23Z) - Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS)
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z) - A Novel Online Incremental Learning Intrusion Prevention System [2.5234156040689237]
This paper proposes a novel Network Intrusion Prevention System that utilise a SelfOrganizing Incremental Neural Network along with a Support Vector Machine.
Due to its structure, the proposed system provides a security solution that does not rely on signatures or rules and is capable to mitigate known and unknown attacks in real-time with high accuracy.
arXiv Detail & Related papers (2021-09-20T13:30:11Z) - Automated Security Assessment for the Internet of Things [6.690766107366799]
We propose an automated security assessment framework for IoT networks.
Our framework first leverages machine learning and natural language processing to analyze vulnerability descriptions.
This security model automatically assesses the security of the IoT network by capturing potential attack paths.
arXiv Detail & Related papers (2021-09-09T04:42:24Z) - Invisible for both Camera and LiDAR: Security of Multi-Sensor Fusion
based Perception in Autonomous Driving Under Physical-World Attacks [62.923992740383966]
We present the first study of security issues of MSF-based perception in AD systems.
We generate a physically-realizable, adversarial 3D-printed object that misleads an AD system to fail in detecting it and thus crash into it.
Our results show that the attack achieves over 90% success rate across different object types and MSF.
arXiv Detail & Related papers (2021-06-17T05:11:07Z) - Clustering Algorithm to Detect Adversaries in Federated Learning [0.6091702876917281]
In this paper, we have proposed an approach that detects the adversaries with the help of a clustering algorithm.
Our proposed gradient filtration approach does not require any processing power from the client-side and does not use excessive bandwidth.
Our approach has been very successful in boosting the global model accuracy, up to 99% even in the presence of 40% adversaries.
arXiv Detail & Related papers (2021-02-22T06:49:59Z) - SHARKS: Smart Hacking Approaches for RisK Scanning in Internet-of-Things
and Cyber-Physical Systems based on Machine Learning [5.265938973293016]
Cyber-physical systems (CPS) and Internet-of-Things (IoT) devices are increasingly being deployed across multiple functionalities.
These devices are inherently not secure across their comprehensive software, hardware, and network stacks.
We present an innovative technique for detecting unknown system vulnerabilities, managing these vulnerabilities, and improving incident response.
arXiv Detail & Related papers (2021-01-07T22:01:30Z) - Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance.
We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems.
We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z) - Measurement-driven Security Analysis of Imperceptible Impersonation
Attacks [54.727945432381716]
We study the exploitability of Deep Neural Network-based Face Recognition systems.
We show that factors such as skin color, gender, and age, impact the ability to carry out an attack on a specific target victim.
We also study the feasibility of constructing universal attacks that are robust to different poses or views of the attacker's face.
arXiv Detail & Related papers (2020-08-26T19:27:27Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.