Danish Internet Day
Security of the Internet of Things: Mitigating infections spread through immunisation techniques
Farell FOLLY, Ph.D Researcher
folly.farell@unibw.de
Copenhagen, October 1st.

Agenda
1. Introduction to the IoT
2. Security Challenges in IoT
3. State of the Art of the IoT Security
4. Immunisation Techniques and our Approach

Introduction
The Internet of Things (IoT) is a network of dedicated physical objects (things) that contain embedded technology to communicate and sense or interact with their internal states or the external environment. - Gartner

Introduction
1. Physical World: People, Devices
2. Virtual World: Applications, Digital Artefacts
3. Processes: Actuation, sensing, etc.

Introduction
Figure: UML representation of IoT Domain Model
Source: «Enable Things to talk», Designing IoT solutions with the IoT Architectural Reference Model, Alexandro Bassi et al, Springer Edition, ISBN: 978-3-642-40403-0

Security Challenges
Number of devices
High diversity of things
Variety and number of Applications
Speed of change
Hard to plan for a systematic Approach for Security

Security Challenges
Unpredictable attacks
Cybercriminals keep improving their techniques
Zero-Day attacks
Propagation of vulnerabilities towards billions of devices

Security Challenges
Traditionally: Packet Inspection; Blocking Traffic based on flags, Signatures; Security built around static schemes
IoT Context: Almost infeasible in this context (Big Data); Not adaptive / too much human intervention; IoT networks are highly dynamic

Security Challenges
1. 70% of the most commonly used IoT devices contain vulnerabilities.
2. 56% of respondents say that it is unlikely or highly unlikely that their organisation would be able to detect a sophisticated attack.
3. 253 billion free apps (2017). Malicious apps (malware): the more apps on a device, the greater the likelihood that some contain malicious code or security holes.
Source: EY insights

State-of-the-Art

State-of-the-Art
No universal framework or common approach for IoT security
Most devices are not primarily designed with security and interoperability in mind
Many manufacturers mostly rely on existing traditional security measures

State-of-the-Art
So far, no security approach tackles all security aspects associated with the IoT.
Many projects do exist, however, that address some specific concerns:
1. NEBULA: www.nebula-fia.org
2. utrustit: www.utrustit.eu
3. IoT-A: www.iot-a.eu
Many authors have considered the use of graph theory to cope with the size of IoT networks and their dynamics.

State-of-the-Art
Auto-immunity
Security and Identification.
Trust: deterministic, policy-based, reputation-based, social network-based

State-of-the-Art
Cognitive approach (Context-Awareness)
1. Enable devices and network with the intelligence to perceive things
2. Adaptive actions based on continuous learning in a hostile environment
Figure: Tetrahedron model in the IoT context
Source: A roadmap for the Security in the Internet of Things, Arbia et al (2018).

Our Approach

Our Approach
Since we can never produce a 100% secure general system or network, we need methods to mitigate the spread of damage. - Mathematical underpinnings for Science-based Cybersecurity. United States Department of Energy.

Our Approach
1. Minimise exposure factor
2. Control how threats spread
3. Design an efficient patch or vaccine distribution mechanism
Immunisation

Our Approach
Figure: NoN model with three layers
Source: Towards a Networks-of-Networks Framework for Cyber Security, Mahantesh Halappanavar et al.

Our Approach
Is the system in danger?
Risk increases
Vulnerability reaches a threshold
An infection is spreading
This node has too many links!
This cluster has too many members. Is it possible to disconnect some or move them to another cluster?
What action to take?
Minimise Risk
Maximise Entropy
Reduce exposure factor
Trigger updates / recovery processes towards specific targets: the most exposed (boundary nodes, important links, giant clusters, inside dominant set, etc.)
Use graph theory analysis to find the most suitable metrics and influence them accurately: Immunisation algorithms

Our Approach
Graph Theory, IoT Security, Immunization

Our Approach
Type of graph, Graph Structure
Graph-based Security metrics: Clustering, Centrality, Betweenness, Reachability, Percolation, etc.
Graph-based IoT Representation
Graph Theory, IoT Security, Immunization

Our Approach
Type of graph, Graph Structure
Graph-based Security metrics: Clustering, Centrality, Betweenness, Reachability, Percolation, etc.
Graph-based IoT Representation
Graph Theory
IoT Security
Infection propagation and containment
Immunization
Infection propagation
Infection containment
Analogy of Human Immune system
Immune system learning: Detect (trust rating, classify as fraudulent or legal, semantic analysis)
Activate virtual Antibodies to heal the rest or to efficiently stop the propagation.

Our Approach
Epidemic process: Susceptible-Infected-Recovered
1. How fast does an infection spread?
2. What is the threat strategy?
3. What is the IoT network topology?
4. How resistant are the nodes/clusters?
Infectiousness, Resistance, Topology, Strategy

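An added example, not from the talk: a small Susceptible-Infected-Recovered simulation on a constructed scale-free graph, comparing random immunisation with immunising the highest-degree nodes under the same patch budget. The graph generator, the rates `beta` and `gamma`, the budget and all function names are assumptions chosen for illustration.

```python
import random

def scale_free_graph(n, m, rng):
    """Constructed topology: each new node links to m existing nodes,
    preferring nodes that already have many links."""
    adj = {i: set() for i in range(n)}
    pool = []  # every node appears once per incident edge
    for new in range(m, n):
        targets = set()
        while len(targets) < m:
            targets.add(rng.choice(pool) if pool else rng.randrange(new))
        for t in targets:
            adj[new].add(t)
            adj[t].add(new)
            pool += [new, t]
    return adj

def sir_outbreak(adj, immune, beta, gamma, rng):
    """Discrete-time SIR. Immunised nodes start Recovered.
    Returns how many nodes were ever infected."""
    infected = {rng.choice(sorted(set(adj) - immune))}
    recovered = set(immune)
    ever = 1
    while infected:
        newly = set()
        for node in sorted(infected):
            for nb in sorted(adj[node]):
                blocked = nb in infected or nb in recovered or nb in newly
                if not blocked and rng.random() < beta:
                    newly.add(nb)
        healed = {v for v in sorted(infected) if rng.random() < gamma}
        recovered |= healed
        infected = (infected - healed) | newly
        ever += len(newly)
    return ever

def compare(n=300, m=2, budget=0.10, beta=0.2, gamma=0.2, trials=40, seed=7):
    """Mean outbreak size for random vs degree-targeted immunisation."""
    rng = random.Random(seed)
    adj = scale_free_graph(n, m, rng)
    k = int(n * budget)
    hubs = set(sorted(adj, key=lambda v: len(adj[v]), reverse=True)[:k])
    rand = set(rng.sample(sorted(adj), k))
    result = {}
    for name, immune in (("random", rand), ("targeted", hubs)):
        run = random.Random(seed + 1)  # same random stream for both strategies
        sizes = [sir_outbreak(adj, immune, beta, gamma, run) for _ in range(trials)]
        result[name] = sum(sizes) / trials
    return result

if __name__ == "__main__":
    print(compare())
```

Degree is only one of the graph metrics the talk lists; betweenness or cluster size could be used in place of the `hubs` selection to compare strategies.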
Our Approach
Graph challenges: clustering, groupings, and simplification
Figure labels: Apps, Devices interconnection, Devices
Figure panels: Original graph topology, Forming cliques, Final compressed graph

Summary
In parallel with the increasing autonomy of things to perceive and act on the environment, IoT security should move towards a greater autonomy in perceiving threats and reacting to attacks, based on a cognitive and systemic approach - Arbia et al.

Use cases discussions
1. A trusted device connects to a car and has been granted permission to launch a service. What are the requirements of such equipment?
2. How does a human decide to collaborate with a random person?
Picture credit to @Gartner

Akpé kaka!
folly.farell@unibw.de
www.twitter.com/ ff
www.linkedin.com/in/farellf