A graph-based decision support model for vulnerability analysis in IoT networks

Abstract

The Internet of Things (IoT) refers to the technological phenomenon that envisages reliable connection and secure exchange of data between the real-world devices and applications. However, the vulnerabilities residing in the IoT devices are identified as the potential entry points for the attackers, thereby causing a huge security threat to the IoT network. The attackers can further advance deep into the network by exploiting the relations among these vulnerabilities. In this work, we address the security issues in the IoT network due to the existence of vulnerabilities in the network devices. We propose a multi-attacker multi-target graphical model referred to as IoT Security Graph, representing the potential attackers, targets, and the vulnerability relations in the IoT network. As the graph is derived from the network, its analysis can reveal many security-relevant parameters of the network. Security analysts are keen in evaluating threats to critical resources in the network due to the presence of inherent vulnerabilities in the devices and in analyzing cost-effective security hardening options. To aid this, we introduce the Terminator Oriented Directed Acyclic Graph (TODAG) for each terminal node representing a potential target in the network. The TODAG for a given terminal node is a sub-graph of the IoT Security Graph of the underlying network and represents all the potential attack paths in the network that orient toward it. The proposal also includes the likelihood estimation of the dominant attack paths in the TODAG. The removal of such paths can significantly reduce the threat at the targets.