Abstract
Protecting an Internet of Things (IoT) network from private data breaches is a grand challenge. A data breach may occur when a network's statistical information is disclosed through network scanning, or when data stored on IoT devices is accessed by attackers because the devices lack protection. To protect IoT networks, effective proactive cyber defence technologies (e.g., Moving Target Defence (MTD) and deception) have been proposed. They defend against attacks by dynamically changing the attack surface or hiding the true network information. However, little work has considered protecting the statistical information of an IoT network, such as the number of VLANs or the number of devices across VLANs. This type of information may leak the network's operational information to attackers (e.g., functional information of VLANs). To address this problem, we propose a differential privacy (DP)-based defence method to mitigate this leakage. In this paper, we strategically obfuscate VLANs' statistical information by integrating DP with MTD and deception technologies. Software-defined networking technology is leveraged to manage data flows among devices and to support shuffling-based MTD. Two strategies (random and intelligent) are considered for defence deployment. A greedy algorithm is designed to explore the trade-off between defence cost and privacy protection level. We theoretically prove that the proposed method meets the definition of DP, thus offering solid privacy protection for the operational information of an IoT network. Extensive experimental results further demonstrate that, for a given defence budget, there exists a trade-off between protection level and cost. Moreover, the intelligent deployment strategy is more cost-effective than the random one under the same settings.
Notes
- 1.
IP shuffling does not change the VLAN in which a device resides, nor does it affect communication between that device and other devices; it does, however, give attackers a different view of the network during their reconnaissance phase.
A Proof of Proposition 1
Proof
In the case of Algorithm 1, for neighbouring datasets \(N_{k}\) and \(N_{k}'\), without loss of generality, let \(\mathcal {A}\) be the step of Algorithm 1 that injects Laplace noise (i.e., Line 3 of Algorithm 1) and X be a random variable that follows \(\textrm{Lap}(\frac{|K|\cdot \varDelta }{\epsilon })\). For any output value z, we have:
For any count function f, \(A_{f(N_{k})}=f(N_{k})+\textrm{Lap}(\frac{|K|\cdot \varDelta }{ \epsilon })\), it is easy to conclude
Since the sensitivity \(\varDelta \) is 1 as mentioned before, and by definition of sensitivity, \(\varDelta =\textrm{max}_{N_{k}, N_{k}'}\left\| f(N_{k}')-f(N_{k})\right\| _{1}\). Hence, Eq. (5) becomes
Thus, each step of Algorithm 1 satisfies \(\frac{\epsilon }{|K|}\)-DP. As there are \(|K|\) steps in Algorithm 1, based on Theorem 1 (sequential composition), Algorithm 1 satisfies \((\sum _{i=1}^{|K|}\frac{\epsilon }{|K|})\)-DP. Therefore, Algorithm 1 satisfies \(\epsilon \)-DP.
Without loss of generality, denote Algorithm 1 as \(\mathcal {A}_{1}\) and Algorithm 2 as \(\mathcal {A}_{2}\). In the case of Algorithm 2, for neighbouring \(N_{k}\) and \(N_{k}'\), let z be the output value of algorithm \(\mathcal {A}_{1}\) and O be the set of output values of algorithm \(\mathcal {A}_{2}\). According to the discussion above, we have proved that \(\mathcal {A}_{1}\) satisfies \(\epsilon \)-DP, so we have
For any \(o \in O\), we have
Hence, according to Eq. (8), we have
Therefore, Algorithm 2 also satisfies \(\epsilon \)-DP based on the Post-processing Theorem 2. \(\square \)
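The following is an added worked example, not the paper's own code, that reconstructs the mechanism the proof describes: each of the \(|K|\) per-VLAN device counts is released with Laplace noise of scale \(|K|\cdot \varDelta /\epsilon \) (with \(\varDelta =1\) for a count query), so each step is \(\epsilon /|K|\)-DP and the whole vector is \(\epsilon \)-DP by composition. The exact form of Algorithm 2 is not on this page; here it is assumed to be a post-processing step that rounds noisy counts to non-negative integers, which preserves DP. The function `per_step_privacy_loss` computes the log density ratio from the proof so the bound can be checked numerically.

```python
"""Added example (assumed reconstruction, not the paper's code): Laplace
obfuscation of per-VLAN device counts and a numeric check of the per-step
privacy loss bound epsilon/|K| used in the proof of Proposition 1."""
import math
import random

DELTA = 1.0  # sensitivity of a count query: one device changes a count by at most 1


def laplace_scale(epsilon: float, num_vlans: int) -> float:
    """Noise scale b = |K| * Delta / epsilon used at Line 3 of Algorithm 1."""
    if epsilon <= 0 or num_vlans <= 0:
        raise ValueError("epsilon and |K| must be positive")
    return num_vlans * DELTA / epsilon


def laplace_pdf(x: float, scale: float) -> float:
    """Density of Lap(scale) centred at 0."""
    return math.exp(-abs(x) / scale) / (2.0 * scale)


def per_step_privacy_loss(true_count: int, neighbour_count: int,
                          output: float, epsilon: float, num_vlans: int) -> float:
    """ln( Pr[A(N_k) = z] / Pr[A(N_k') = z] ) for a single VLAN count release.
    For the Laplace mechanism its magnitude is at most |f(N_k)-f(N_k')|/b <= epsilon/|K|."""
    b = laplace_scale(epsilon, num_vlans)
    return math.log(laplace_pdf(output - true_count, b)
                    / laplace_pdf(output - neighbour_count, b))


def obfuscate_counts(counts, epsilon: float, rng=random):
    """Algorithm 1 (assumed form): add Lap(|K|*Delta/epsilon) noise to every VLAN count.
    Sampling uses the inverse CDF so it works with any random.Random instance."""
    b = laplace_scale(epsilon, len(counts))
    noisy = []
    for c in counts:
        u = rng.random() - 0.5
        u = max(min(u, 0.5 - 1e-12), -0.5 + 1e-12)  # avoid log(0) at the endpoints
        noisy.append(c - b * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u)))
    return noisy


def post_process(noisy_counts):
    """Algorithm 2 placeholder (assumption): clamp to non-negative integers.
    Any function of an epsilon-DP output is still epsilon-DP (Theorem 2)."""
    return [max(0, int(round(x))) for x in noisy_counts]


if __name__ == "__main__":
    counts = [12, 5, 30, 8]          # constructed per-VLAN device counts, |K| = 4
    print(post_process(obfuscate_counts(counts, epsilon=1.0, rng=random.Random(7))))
```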
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
Cite this paper
Yang, G., Ge, M., Gao, S., Lu, X., Zhang, L.Y., Doss, R. (2022). A Differential Privacy Mechanism for Deceiving Cyber Attacks in IoT Networks. In: Yuan, X., Bai, G., Alcaraz, C., Majumdar, S. (eds) Network and System Security. NSS 2022. Lecture Notes in Computer Science, vol 13787. Springer, Cham. https://doi.org/10.1007/978-3-031-23020-2_23
DOI: https://doi.org/10.1007/978-3-031-23020-2_23
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-23019-6
Online ISBN: 978-3-031-23020-2
eBook Packages: Computer Science, Computer Science (R0)