# Deployment Optimization of IoT Devices through Attack Graph Analysis

**Authors:** Noga Agmon, Asaf Shabtai, Rami Puzis

arXiv: 1904.05853 · 2019-04-12

## TL;DR

This paper presents a method to optimize IoT device deployment by analyzing augmented attack graphs that consider device location and communication, aiming to enhance network security and utility.

## Contribution

It introduces an attack graph-based approach with heuristic optimization to improve IoT deployment security, considering physical location and communication capabilities.

## Key findings

- Augmented attack graphs effectively quantify IoT deployment impact on security.
- Heuristic search accelerates optimization of IoT deployment.
- Optimized deployment improves network security and utility.

## Abstract

The Internet of things (IoT) has become an integral part of our life at both work and home. However, these IoT devices are prone to vulnerability exploits due to their low cost, low resources, the diversity of vendors, and proprietary firmware. Moreover, short range communication protocols (e.g., Bluetooth or ZigBee) open additional opportunities for the lateral movement of an attacker within an organization. Thus, the type and location of IoT devices may significantly change the level of network security of the organizational network. In this paper, we quantify the level of network security based on an augmented attack graph analysis that accounts for the physical location of IoT devices and their communication capabilities. We use the depth-first branch and bound (DFBnB) heuristic search algorithm to solve two optimization problems: Full Deployment with Minimal Risk (FDMR) and Maximal Utility without Risk Deterioration (MURD). An admissible heuristic is proposed to accelerate the search. The proposed method is evaluated using a real network with simulated deployment of IoT devices. The results demonstrate (1) the contribution of the augmented attack graphs to quantifying the impact of IoT devices deployed within the organization on security, and (2) the effectiveness of the optimized IoT deployment.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1904.05853/full.md

## Figures

7 figures with captions in the complete paper: https://tomesphere.com/paper/1904.05853/full.md

## References

50 references — full list in the complete paper: https://tomesphere.com/paper/1904.05853/full.md

---
Source: https://tomesphere.com/paper/1904.05853