Internet of Things (IoT) technologies have expanded so fast that they have become a part and parcel of a smart home. On the one hand, these systems have made the daily lives very convenient; on the other hand, they have increased the range of cyber vulnerabilities of domestic-based environment and hence strengthened intrusion detection as one of the cornerstones of security. However, this has been criticised with many machine-learning-based approaches being non-transparent; warnings are produced, but the reasoning is obscure, creating a feeling of uncertainty with the user and making it hard to respond in a timely manner. In order to address the shortcomings, we would suggest a framework where the security posture of smart homes would be quantified and expressed in a transparent and actionable way. The framework combines both host and network level monitoring and posture engine built upon explicit, rule-based logic based on empirically observed device and traffic behaviour. The engine filters out the benign and malicious activities, also classifying threats as part of the STRIDE model. The resulting evaluations are displayed in a user-friendly dashboard that makes them obtain a brief picture of the current state in the system. A case study shows that the suggested method produces results which can be interpreted, having practical value, and produces better user trust in comparison with traditional methods of black-box intrusion-detection.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

From Data to Decision: A Framework for Continuous Security Assurance and Live Security Posture Management in IoT

  • Shahbaz Ali Imran,
  • Junaid Arshad,
  • Yussuf Ahmed,
  • Fuad A. Ghaleb

摘要

Internet of Things (IoT) technologies have expanded so fast that they have become a part and parcel of a smart home. On the one hand, these systems have made the daily lives very convenient; on the other hand, they have increased the range of cyber vulnerabilities of domestic-based environment and hence strengthened intrusion detection as one of the cornerstones of security. However, this has been criticised with many machine-learning-based approaches being non-transparent; warnings are produced, but the reasoning is obscure, creating a feeling of uncertainty with the user and making it hard to respond in a timely manner. In order to address the shortcomings, we would suggest a framework where the security posture of smart homes would be quantified and expressed in a transparent and actionable way. The framework combines both host and network level monitoring and posture engine built upon explicit, rule-based logic based on empirically observed device and traffic behaviour. The engine filters out the benign and malicious activities, also classifying threats as part of the STRIDE model. The resulting evaluations are displayed in a user-friendly dashboard that makes them obtain a brief picture of the current state in the system. A case study shows that the suggested method produces results which can be interpreted, having practical value, and produces better user trust in comparison with traditional methods of black-box intrusion-detection.