How Secure Is Your IoT Network?

TL;DR

This paper introduces a holistic approach to assessing IoT network security by combining vulnerability scores and dynamic activity logs into attack circuits, providing practical security metrics and attack path insights.

Contribution

It proposes the novel concept of attack circuits for IoT security evaluation, integrating compositional security scores and network activity logs with NLP and optimization techniques.

Findings

Attack circuits effectively measure exploitability, impact, and risk.

The system offers insights into potential attack paths.

Experimental results validate the approach's efficacy.

Abstract

The proliferation of IoT devices in smart homes, hospitals, and enterprise networks is widespread and continuing to increase in a superlinear manner. With this unprecedented growth, how can one assess the security of an IoT network holistically? In this article, we explore two dimensions of security assessment, using vulnerability information of IoT devices and their underlying components ($\textit{compositional security scores}$) and SIEM logs captured from the communications and operations of such devices in a network ($\textit{dynamic activity metrics}$) to propose the notion of an $\textit{attack circuit}$. These measures are used to evaluate the security of IoT devices and the overall IoT network, demonstrating the effectiveness of attack circuits as practical tools for computing security metrics (exploitability, impact, and risk to confidentiality, integrity, and availability) of heterogeneous networks. We propose methods for generating attack circuits with input/output pairs constructed from CVEs using natural language processing (NLP) and with weights computed using standard security scoring procedures, as well as efficient optimization methods for evaluating attack circuits. Our system provides insight into possible attack paths an adversary may utilize based on their exploitability, impact, or overall risk. We have performed experiments on IoT networks to demonstrate the efficacy of the proposed techniques.