Abstract
In many Internet of Thing application domains security is a critical requirement, because malicious parties can undermine the effectiveness of IoT-based systems by compromising single components and/or communication channels. Thus, a security infrastructure is needed to ensure the proper functioning of such systems even under attack. However, it is also critical that security be at a reasonable resource and/or energy cost. This chapter deals with the problem of efficiently and effectively securing IoT networks by carefully allocating security resources in the network area. The problem is modeled according to game theory, and provide a Pareto-optimal solution, in which the cost of the security infrastructure and the probability of a successful attack are minimized. As in the context of smart urban ecosystems both static and mobile smart city applications can take place, two different formalizations are provided for the two scenarios. For static networks, the optimization problem is modeled as a mixed integer linear program, whereas for mobile scenarios, computational intelligent techniques are adopted for providing a good approximation of the optimal solution.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The attribute loc in Definition 1 helps us to simplify the formalization of the linear programs we show hereafter. The basic idea is the following: given that in the network area there are many locations where a security resource can be placed, for each resource \(sr^*\) we assume to have \(sr_1,\ldots sr_n\) resources, one for each location where \(sr^*\) can be located.
- 2.
C.1.4 does not imply any loss of generality since a security resource can embed more than one security tool.
- 3.
The probability to have an attack is computed as the ratio between the number of cases with \(risk>0\) and the total number of cases.
References
E. Altman, K. Avrachenkov, A. Gamaev, Jamming in wireless networks: the case of several jammers, in Proceedings of the First ICST International Conference on Game Theory for Networks (2009)
T. Alwajeeh, P. Combeau, A. Bounceur, R. Vauzelle, Efficient method for associating radio propagation models with spatial partitioning for smart city applications, in Proceedings of the International Conference on Internet of things and Cloud Computing (ACM, 2016), p. 8
L. Atzori, A. Iera, G. Morabito, The internet of things: a survey. Comput. Netw. 54(15), 2787–2805 (2010)
D. Bertsimas, G.J. Lauprete, A. Samarov, Shortfall as a risk measure: properties, optimization and applications. J. Econ. Dyn. Control 28(7), 1353–1381 (2004)
F. Brasser, B. El Mahjoub, A.R. Sadeghi, C. Wachsmann, P. Koeberl, Tytan: Tiny trust anchor for tiny devices, in DAC, 2015 (IEEE, 2015), pp. 1–6
L. Chen, J. Crampton, Risk-aware role-based access control, in International Workshop on Security and Trust Management (Springer, 2011), pp. 140–156
H.T. Cheng, W. Zhuang, Pareto optimal resource management for wireless mesh networks with qos assurance: joint node clustering and subcarrier allocation. IEEE Trans. Wirel. Commun. 8(3), 1573–1583 (2009)
C. Chigan, L. Li, Y. Ye, Resource-aware self-adaptive security provisioning in mobile ad hoc networks, in IEEE Wireless Communications and Networking Conference (2005)
K. Deb, A. Pratap, S. Agarwal, T. Meyarivan, A fast elitist multi-objective genetic algorithm: Nsga-ii. IEEE Trans. Evol. Comput. 6, 182–197 (2000)
R. Dewri, I. Ray, N. Poolsappasit, D. Whitley, Optimal security hardening on attack tree models of networks: a cost-benefit analysis. Int. J. Inf. Secur. 11(3), 167–188 (2012)
R. Dewri, I. Ray, I. Ray, D. Whitley, Security provisioning in pervasive environments using multi-objective optimization, in ESORICS (2008)
T.N. Dinh, Y. Xuan, M.T. Thai, E. Park, T. Znati, On approximation of new optimization methods for assessing network vulnerability, in INFOCOM, Proceedings IEEE (2010)
L. Eschenauer, V.D. Gligor, A key-management scheme for distributed sensor networks, in Proceedings of the 9th ACM Conference on Computer and Communications Security (ACM, 2002), pp. 41–47
G. Fortino, P. Trunfio, Internet of Things Based on Smart Objects: Technology, Middleware and Applications (Springer, 2014)
L. Girod, J. Elson, A. Cerpa, T. Stathopoulos, N. Ramanathan, D. Estrin, Emstar: a software environment for developing and deploying wireless sensor networks, in USENIX (2004)
J. Goldhirsh, W.J. Vogel, Handbook of propagation effects for vehicular and personal mobile satellite systems, vol. 1274 (NASA Reference Publication, 1998), pp. 40–67
A. Guerrieri, L. Valeria, R. Anna, F. Giancarlo, Management of Cyber Physical Objects in the Future Internet of things (Springer, 2016)
A. Guo, M. Haenggi, Spatial stochastic models and metrics for the structure of base stations in cellular networks. IEEE Trans. Wirel. Commun. 12(11), 5800–5812 (2013)
Z. Han, N. Marina, M. Debbah, A. Hjørungnes, Physical layer security game: How to date a girl with her boyfriend on the same table, in Proceedings of the First ICST International Conference on Game Theory for Networks (2009)
A.M. Kermarrec, E. Le Merrer, B. Sericola, G. Trédan, Second order centrality: distributed assessment of nodes criticity in complex networks. Comput. Commun. 34(5), 619–628 (2011)
I. Khalil, S. Bagchi, N.B. Shroff, Liteworp: a lightweight countermeasure for the wormhole attack in multihop wireless networks, in International Conference on Dependable Systems and Networks, 2005. DSN 2005. Proceedings (IEEE, 2005), pp. 612–621
D. Kotz, C. Newport, R.S. Gray, J. Liu, Y. Yuan, C. Elliott, Experimental evaluation of wireless simulation assumptions, in Proceedings of the 7th ACM International Symposium on Modeling, Analysis and Simulation of Wireless and Mobile Systems (ACM, 2004), pp. 78–82
P. Levis, N. Lee, M. Welsh, D. Culler, Tossim: accurate and scalable simulation of entire tinyos applications, in Proceedings of 1st International Conference on Embedded Networked Sensor Systems (ACM, 2003)
H. Levy, Y. Kroll, Ordering uncertain options with borrowing and lending. J. Finan. 33(2), 553–574 (1978)
P.V. Marsden, Egocentric and sociocentric measures of network centrality. Soc. Netw. 24(4), 407–422 (2002)
S. Marti, T.J. Giuli, K. Lai, M. Baker, Mitigating routing misbehavior in mobile ad hoc networks, in Proceedings of the 6th Annual International Conference on Mobile Computing and Networking (ACM, 2000), pp. 255–265
A. Messac, A. Ismail-Yahaya, C.A. Mattson, The normalized normal constraint method for generating the Pareto frontier. Struct. Multidiscip. Optim. 25(2), 86–98 (2003)
D. Midi, A. Rullo, A. Mudgerikar, E. Bertino, Kalis: a system for knowledge-driven adaptable intrusion detection for the internet of things, in IEEE 37th International Conference on Distributed Computing Systems (ICDCS) (2017)
I. Molloy, P.C. Cheng, P. Rohatgi, Trading in risk: using markets to improve access control, in Proceedings of the 2008 Workshop on New Security Paradigms (ACM, 2009), pp. 107–125
I. Molloy, L. Dickens, C. Morisset, P.C. Cheng, J. Lobo, A. Russo, Risk-based security decisions under uncertainty, in Proceedings of the Second ACM Conference on Data and Application Security and Privacy (ACM, 2012), pp. 157–168
N. Poolsappasit, R. Dewri, I. Ray, Dynamic security risk management using bayesian attack graphs. IEEE Trans. Dependable Secur. Comput. 9(1), 61–74 (2012)
T.S. Rappaport, et al., Wireless Communications: Principles and Practice, vol. 2 (Prentice Hall PTR, New Jersey, 1996)
S. Raza, S. Duquennoy, J. Höglund, U. Roedig, T. Voigt, Secure communication for the internet of things a comparison of link-layer security and IPsec for 6LoWPAN. Secur. Commun. Netw. 7(12), 2654–2668 (2014)
S. Raza, L. Wallgren, T. Voigt, Svelte: real-time intrusion detection in the internet of things, in Ad Hoc Networks (2013)
C. Robert, G. Casella, Monte Carlo Statistical Methods (Springer Science & Business Media, 2013)
A. Rullo, D. Midi, E. Serra, E. Bertino, Pareto optimal security resource allocation for Internet of Things. ACM Trans. Priv. Secur. (TOPS) 20(4), 15 (2017)
A. Rullo, E. Serra, E. Bertino, J. Lobo, Shortfall-based optimal placement of security resources for mobile IoT scenarios, in European Symposium on Research in Computer Security (Springer, 2017), pp. 419–436
E. Serra, S. Jajodia, A. Pugliese, A. Rullo, V. Subrahmanian, Pareto-optimal adversarial defense of enterprise systems. ACM Trans. Inf. Syst. Secur. (TISSEC) 17(3), 11 (2015)
K. Sharma, M. Ghose, Wireless sensor networks: an overview on its security threats. IJCA (Special Issue on Mobile Ad-hoc Networks MANETs), 42–45 (2010)
X. Shen, K. Xu, X. Sun, J. Wu, J. Lin, Optimized indoor wireless propagation model in wifi-rof network architecture for rss-based localization in the Internet of Things, in Microwave Photonics, 2011 International Topical Meeting on & Microwave Photonics Conference, 2011 Asia-Pacific, MWP/APMP (IEEE, 2011), pp. 274–277
F. Simini, M.C. González, A. Maritan, A.L. Barabási, A universal model for mobility and migration patterns. Nature 484(7392), 96–100 (2012)
H. von Stackelberg, D. Bazin, R. Hill, L. Urch, Market Structure and Equilibrium (Springer, 2010)
A. Varga et al., The omnet++ discrete event simulation system, in Proceedings of the European Simulation Multiconference (ESM2001) (2001)
D. Zhang, D. Liu, Dataguard: dynamic data attestation in wireless sensor networks, in DSN, 2010 (IEEE, 2010)
L. Zhou, H.C. Chao, Multimedia traffic security architecture for the Internet of Things. IEEE Netw. 25(3), 35–40 (2011)
Q. Zhu, L. Bushnell, T. Basar, Game-theoretic analysis of node capture and cloning attack with multiple attackers in wireless sensor networks, in CDC (IEEE, 2012), pp. 3404–3411
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this chapter
Cite this chapter
Rullo, A., Serra, E., Bertino, E., Lobo, J. (2019). Optimal Placement of Security Resources for the Internet of Things. In: Cicirelli, F., Guerrieri, A., Mastroianni, C., Spezzano, G., Vinci, A. (eds) The Internet of Things for Smart Urban Ecosystems. Internet of Things. Springer, Cham. https://doi.org/10.1007/978-3-319-96550-5_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-96550-5_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-96549-9
Online ISBN: 978-3-319-96550-5
eBook Packages: EngineeringEngineering (R0)