Automated Security Assessment for the Internet of Things
- URL: http://arxiv.org/abs/2109.04029v1
- Date: Thu, 9 Sep 2021 04:42:24 GMT
- Title: Automated Security Assessment for the Internet of Things
- Authors: Xuanyu Duan, Mengmeng Ge, Triet H. M. Le, Faheem Ullah, Shang Gao,
Xuequan Lu, M. Ali Babar
- Abstract summary: We propose an automated security assessment framework for IoT networks.
Our framework first leverages machine learning and natural language processing to analyze vulnerability descriptions.
This security model automatically assesses the security of the IoT network by capturing potential attack paths.
- Score: 6.690766107366799
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Internet of Things (IoT) based applications face an increasing number of
potential security risks, which need to be systematically assessed and
addressed. Expert-based manual assessment of IoT security is a predominant
approach, which is usually inefficient. To address this problem, we propose an
automated security assessment framework for IoT networks. Our framework first
leverages machine learning and natural language processing to analyze
vulnerability descriptions for predicting vulnerability metrics. The predicted
metrics are then input into a two-layered graphical security model, which
consists of an attack graph at the upper layer to present the network
connectivity and an attack tree for each node in the network at the bottom
layer to depict the vulnerability information. This security model
automatically assesses the security of the IoT network by capturing potential
attack paths. We evaluate the viability of our approach using a
proof-of-concept smart building system model which contains a variety of
real-world IoT devices and potential vulnerabilities. Our evaluation of the
proposed framework demonstrates its effectiveness in terms of automatically
predicting the vulnerability metrics of new vulnerabilities with more than 90%
accuracy, on average, and identifying the most vulnerable attack paths within
an IoT network. The produced assessment results can serve as a guideline for
cybersecurity professionals to take further actions and mitigate risks in a
timely manner.
Related papers
- Machine Learning-Assisted Intrusion Detection for Enhancing Internet of Things Security [1.2369895513397127]
Attacks against the Internet of Things (IoT) are rising as devices, applications, and interactions become more networked and integrated.
To efficiently secure IoT devices, real-time detection of intrusion systems is critical.
This paper investigates the latest research on machine learning-based intrusion detection strategies for IoT security.
arXiv Detail & Related papers (2024-10-01T19:24:34Z) - EAIRiskBench: Towards Evaluating Physical Risk Awareness for Task Planning of Foundation Model-based Embodied AI Agents [47.69642609574771]
Embodied artificial intelligence (EAI) integrates advanced AI models into physical entities for real-world interaction.
Foundation models as the "brain" of EAI agents for high-level task planning have shown promising results.
However, the deployment of these agents in physical environments presents significant safety challenges.
This study introduces EAIRiskBench, a novel framework for automated physical risk assessment in EAI scenarios.
arXiv Detail & Related papers (2024-08-08T13:19:37Z) - FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical Grids [53.2306792009435]
FaultGuard is the first framework for fault type and zone classification resilient to adversarial attacks.
We propose a low-complexity fault prediction model and an online adversarial training technique to enhance robustness.
Our model outclasses the state-of-the-art for resilient fault prediction benchmarking, with an accuracy of up to 0.958.
arXiv Detail & Related papers (2024-03-26T08:51:23Z) - Dynamic Vulnerability Criticality Calculator for Industrial Control Systems [0.0]
This paper introduces an innovative approach by proposing a dynamic vulnerability criticality calculator.
Our methodology encompasses the analysis of environmental topology and the effectiveness of deployed security mechanisms.
Our approach integrates these factors into a comprehensive Fuzzy Cognitive Map model, incorporating attack paths to holistically assess the overall vulnerability score.
arXiv Detail & Related papers (2024-03-20T09:48:47Z) - Securing Federated Learning with Control-Flow Attestation: A Novel Framework for Enhanced Integrity and Resilience against Adversarial Attacks [2.28438857884398]
Federated Learning (FL) as a distributed machine learning paradigm has introduced new cybersecurity challenges.
This study proposes an innovative security framework inspired by Control-Flow (CFA) mechanisms, traditionally used in cybersecurity.
We authenticate and verify the integrity of model updates across the network, effectively mitigating risks associated with model poisoning and adversarial interference.
arXiv Detail & Related papers (2024-03-15T04:03:34Z) - HW-V2W-Map: Hardware Vulnerability to Weakness Mapping Framework for
Root Cause Analysis with GPT-assisted Mitigation Suggestion [3.847218857469107]
We presentHW-V2W-Map Framework, which is a Machine Learning (ML) framework focusing on hardware vulnerabilities and Internet of Things (IoT) security.
The architecture that we have proposed incorporates an Ontology-driven Storytelling framework, which automates the process of updating the Ontology.
Our proposed framework utilized Generative Pre-trained Transformer (GPT) Large Language Models (LLMs) to provide mitigation suggestions.
arXiv Detail & Related papers (2023-12-21T02:14:41Z) - OMINACS: Online ML-Based IoT Network Attack Detection and Classification
System [0.0]
This paper proposes an online attack detection and network traffic classification system.
It combines stream Machine Learning, Deep Learning, and Ensemble Learning technique.
It can detect the presence of malicious traffic flows and classify them according to the type of attack they represent.
arXiv Detail & Related papers (2023-02-18T04:06:24Z) - Certifiers Make Neural Networks Vulnerable to Availability Attacks [70.69104148250614]
We show for the first time that fallback strategies can be deliberately triggered by an adversary.
In addition to naturally occurring abstains for some inputs and perturbations, the adversary can use training-time attacks to deliberately trigger the fallback.
We design two novel availability attacks, which show the practical relevance of these threats.
arXiv Detail & Related papers (2021-08-25T15:49:10Z) - Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance.
We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems.
We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z) - Measurement-driven Security Analysis of Imperceptible Impersonation
Attacks [54.727945432381716]
We study the exploitability of Deep Neural Network-based Face Recognition systems.
We show that factors such as skin color, gender, and age, impact the ability to carry out an attack on a specific target victim.
We also study the feasibility of constructing universal attacks that are robust to different poses or views of the attacker's face.
arXiv Detail & Related papers (2020-08-26T19:27:27Z) - Adversarial vs behavioural-based defensive AI with joint, continual and
active learning: automated evaluation of robustness to deception, poisoning
and concept drift [62.997667081978825]
Recent advancements in Artificial Intelligence (AI) have brought new capabilities to behavioural analysis (UEBA) for cyber-security.
In this paper, we present a solution to effectively mitigate this attack by improving the detection process and efficiently leveraging human expertise.
arXiv Detail & Related papers (2020-01-13T13:54:36Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.