Abstract
Every day, a multitude of IoT devices connect to the internet, enhancing functionality and user experience. However, this increased connectivity exposes these devices to external threats. Securing the network requires effective modeling of potential attack scenarios. The dynamic nature of IoT networks often alters these scenarios, making attack modeling challenging. In this context, identifying inappropriate network configurations that lead to insecure conditions becomes a practical alternative. Avoiding such configurations helps protect the infrastructure from threat actors. In this paper, an Explainable AI (XAI) approach using the Local Interpretable Model-Agnostic Explanations (LIME) algorithm is employed to assess the impact of various network configurations on security. The framework’s effectiveness is demonstrated through a realistic IoT network example. The experiment explains how network characteristics influence insecurity, offering valuable insights into potential vulnerabilities.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Arat, F., Akleylek, S.: A new method for vulnerability and risk assessment of IoT. Comput. Netw. 237, 110046 (2023)
Brous, P., Janssen, M., Herder, P.: The dual effects of the internet of things (IoT): a systematic review of the benefits and risks of IoT adoption by organizations. Int. J. Inf. Manage. 51, 101952 (2020)
Chowdhary, A., Huang, D., Mahendran, J.S., Romo, D., Deng, Y., Sabur, A.: Autonomous security analysis and penetration testing. In: 2020 16th International Conference on Mobility. Sensing and Networking (MSN), pp. 508–515. IEEE, Tokyo, Japan (2020)
George, G., Thampi, S.M.: A graph-based security framework for securing industrial IoT networks from vulnerability exploitations. IEEE Access 6, 43586–43601 (2018)
Lakshminarayana, S.K., Basarkod, P.I.: Unification of K-nearest neighbor (KNN) with distance aware algorithm for intrusion detection in evolving networks like IoT. Wireless Pers. Commun. 132(3), 2255–2281 (2023)
Linardatos, P., Papastefanopoulos, V., Kotsiantis, S.: Explainable AI: a review of machine learning interpretability methods. Entropy 23(1), 18 (2020)
Mukherjee, P., Mazumdar, C.: Attack difficulty metric for assessment of network security. In: Proceedings of the 13th International Conference on Availability, Reliability and Security, pp. 1–10. ACM, Hamburg, Germany (2018)
Payne, J., Budhraja, K., Kundu, A.: How secure is your IoT network? In: 2019 IEEE International Congress on Internet of Things (ICIOT), pp. 181–188. IEEE, Milan, Italy (2019)
Ribeiro, M.T., Singh, S., Guestrin, C.: “Why should I trust you?” explaining the predictions of any classifier. In: Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1135–1144. ACM, San Francisco, California (2016)
Sharma, B., Sharma, L., Lal, C., Roy, S.: Explainable artificial intelligence for intrusion detection in IoT networks: a deep learning based approach. Expert Syst. Appl. (238), 121751 (2024)
Srivastava, A., Gupta, S., Quamara, M., Chaudhary, P., Aski, V.J.: Future IoT-enabled threats and vulnerabilities: state of the art, challenges, and future prospects. Int. J. Commun Syst 33(12), e4443 (2020)
Stan, O., et al.: Heuristic approach for countermeasure selection using attack graphs. In: 2021 IEEE 34th Computer Security Foundations Symposium (CSF), pp. 1–16. IEEE, Virtual Conference (2021)
Stellios, I., Kotzanikolaou, P., Grigoriadis, C.: Assessing IoT enabled cyber-physical attack paths against critical systems. Comput. Secur. 107, 102316 (2021)
Widel, W., Mukherjee, P., Ekstedt, M.: Security countermeasures selection using the meta attack language and probabilistic attack graphs. IEEE Access 10, 89645–89662 (2022)
Yigit, B., Gür, G., Alagöz, F., Tellenbach, B.: Cost-aware securing of IoT systems using attack graphs. Ad Hoc Netw. 86, 23–35 (2019)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2025 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Thomas, B., Thampi, S.M., Mukherjee, P. (2025). Identifying Insecure Network Configurations Through Attack Modeling and Explainable AI. In: Patil, V.T., Krishnan, R., Shyamasundar, R.K. (eds) Information Systems Security. ICISS 2024. Lecture Notes in Computer Science, vol 15416. Springer, Cham. https://doi.org/10.1007/978-3-031-80020-7_11
Download citation
DOI: https://doi.org/10.1007/978-3-031-80020-7_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-80019-1
Online ISBN: 978-3-031-80020-7
eBook Packages: Computer ScienceComputer Science (R0)