Thesis Deployment Optimization of IoT Devices through Attack Graph Analysis

TL;DR

This paper presents a method to optimize IoT device deployment in networks by analyzing augmented attack graphs that consider device location and communication, aiming to enhance security and utility.

Contribution

It introduces an attack graph-based optimization approach for IoT deployment, incorporating physical location and communication capabilities to improve network security.

Findings

Augmented attack graphs effectively quantify IoT deployment impact on security.

Optimized deployment reduces security risks while maintaining utility.

Method validated on a real network with simulated IoT deployment.

Abstract

The Internet of things (IoT) has become an integral part of our life at both work and home. However, these IoT devices are prone to vulnerability exploits due to their low cost, low resources, the diversity of vendors, and proprietary firmware. Moreover, short range communication protocols (e.g., Bluetooth or ZigBee) open additional opportunities for the lateral movement of an attacker within an organization. Thus, the type and location of IoT devices may significantly change the level of network security of the organizational network. In this work, we quantify the level of network security based on an augmented attack graph analysis that accounts for the physical location of IoT devices and their communication capabilities. We use the depth-first branch and bound (DFBnB) heuristic search algorithm to solve two optimization problems: Full Deployment with Minimal Risk (FDMR) and Maximal Utility without Risk Deterioration (MURD). An admissible heuristic is proposed to accelerate the search. The proposed method is evaluated using a real network with simulated deployment of IoT devices. The results demonstrate (1) the contribution of the augmented attack graphs to quantifying the impact of IoT devices deployed within the organization on security, and (2) the effectiveness of the optimized IoT deployment.