Automated Security Hardening of IoT using Data-Driven Analytics
With the recent wave of technological advancements, the "Internet of Things" (IoT) has become ubiquitous, ranging from common home and personal appliances to sophisticated safety-critical products such as satellites and airborne avionics, nuclear plants and medical implants. IoT technology is estimated to create $14.4 trillion of market value over the next decade by introducing billions of new heterogeneous entities connected over the internet. These newly inducted and rapidly evolving internet nodes are built on diverse technologies and have varying levels of trust and security requirements. Moreover, their designs are primarily focused on efficiency, miniaturization and longevity, leaving limited resources for computationally expensive security algorithms. In the near future, these IoT design limitations, coupled with exponentially increasing device numbers, will significantly expand the attack surface and the associated security risks. It is also hard to manually manage and track security policies in such a complex IoT environment, which leads to inconsistent rulesets that are difficult to interpret, analyze and enforce. In addition, the landscape of security threats is changing dynamically, which leaves conventional signature-based static authorization policies vulnerable to zero-day exploits.
The project goal is to bridge the semantic gap between data sensitivity levels and the dataflow controls applied between interrelated IoT entities by formally representing IoT infrastructures, functions and data communication security requirements through suitable abstraction technologies, i.e. ontologies. We plan to extend existing IoT ontologies to reason about security properties and to automatically generate holistic access controls that can be deployed directly to protect multifaceted IoT networks. Initially, a prototype security analytics framework will be developed using Prolog, which will also translate known security best practices for IoT into logic-based conformance rules. A suitable rule language such as SWRL (Semantic Web Rule Language) will be used for automated inference of new information; because inferred rules derive from device properties and context rather than from attack signatures, the policy can restrict a device whose compromise no signature yet describes, which addresses scalability and offers active defense against zero-day attacks. The analytics framework developed during the project will offer automatic and context-aware generation and tuning of access control rules for IoT devices. The efficacy of these security controls will be tested through various penetration testing techniques.
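As an added illustration of the approach (this is example code written for this page, not the project's prototype), the following Prolog program encodes a small constructed IoT deployment as ontology-style facts, expresses a few best practices as conformance rules, and derives an access-control ruleset for the dataflows between devices. The device names, sensitivity levels, ports and the "no flow from higher to lower sensitivity" policy are all assumptions made for the example; Prolog clauses stand in for the SWRL rules the project plans to use. Asserting a context fact such as `compromised(gateway1)` and re-running `generate_acl` shows the "context-aware tuning" idea: every flow touching that device is denied without editing any rule by hand.

```prolog
%% Added example (not project code). All facts below are constructed.
:- dynamic compromised/1.

% --- Ontology-style facts about the deployment (constructed) ---
device(thermostat1).  device(camera1).  device(gateway1).  device(pacemaker1).

sensitivity(thermostat1, low).
sensitivity(camera1,     medium).
sensitivity(gateway1,    high).
sensitivity(pacemaker1,  critical).

auth(thermostat1, none).
auth(camera1,     default_password).
auth(gateway1,    certificate).
auth(pacemaker1,  certificate).

encrypts(thermostat1, no).
encrypts(camera1,     no).
encrypts(gateway1,    yes).
encrypts(pacemaker1,  yes).

exposes_port(camera1, 23).

% requires_data(Consumer, Producer): Consumer needs data from Producer.
requires_data(gateway1,  thermostat1).   % telemetry
requires_data(gateway1,  camera1).       % video
requires_data(pacemaker1, gateway1).     % configuration push
requires_data(camera1,   pacemaker1).    % deliberately bad: implant data to a camera

sensitivity_rank(low, 1).  sensitivity_rank(medium, 2).
sensitivity_rank(high, 3). sensitivity_rank(critical, 4).

rank_at_least(D, Min) :- sensitivity(D, S), sensitivity_rank(S, R), R >= Min.

% --- Best practices expressed as conformance rules ---
insecure_port(21).  insecure_port(23).

violation(D, default_credentials)    :- auth(D, default_password).
violation(D, unauthenticated)        :- auth(D, none), rank_at_least(D, 2).
violation(D, plaintext_transport)    :- encrypts(D, no), rank_at_least(D, 2).
violation(D, insecure_service(Port)) :- exposes_port(D, Port), insecure_port(Port).
violation(D, quarantined)            :- compromised(D).   % context fact, asserted at runtime

% --- Dataflow policy: data may only flow to an equal or higher sensitivity
%     level, and only between endpoints with no open violation ---
flow_allowed(Src, Dst) :-
    requires_data(Dst, Src),
    sensitivity(Src, SS), sensitivity_rank(SS, RS),
    sensitivity(Dst, DS), sensitivity_rank(DS, RD),
    RD >= RS,
    \+ violation(Src, _),
    \+ violation(Dst, _).

% --- Generated access-control rules, each deny carrying its reason ---
acl(allow(Src, Dst)) :- flow_allowed(Src, Dst).

acl(deny(Src, Dst, downgrade)) :-
    requires_data(Dst, Src),
    sensitivity(Src, SS), sensitivity_rank(SS, RS),
    sensitivity(Dst, DS), sensitivity_rank(DS, RD),
    RD < RS.

acl(deny(Src, Dst, nonconformant(Who, V))) :-
    requires_data(Dst, Src),
    member(Who, [Src, Dst]),
    violation(Who, V).

% Print the current ruleset, one decision per line.
generate_acl :-
    forall(acl(R), (write(R), nl)).

% Context-aware tuning: mark a device compromised and regenerate the ruleset.
quarantine(D) :-
    assertz(compromised(D)),
    generate_acl.
```

Run it with `swipl -q -g generate_acl -t halt iot_policy.pl` (SWI-Prolog). With the facts above, `thermostat1 -> gateway1` and `gateway1 -> pacemaker1` are allowed, `camera1 -> gateway1` is denied for the camera's default credentials, plaintext transport and open telnet port, and `pacemaker1 -> camera1` is denied both as a downgrade and because the camera is nonconformant. Calling `quarantine(gateway1)` afterwards turns both previously allowed flows into `deny(..., nonconformant(gateway1, quarantined))`, which is the kind of automatic retuning the analytics framework is meant to provide.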