A Machine Learning-Based Framework for Measuring Attack Surfaces of IoT Systems

A Machine Learning-Based Framework for Measuring Attack Surfaces of IoT Systems

With the increasing demand for utilizing IoT devices in many cases, in recent years, a great risk raises as many of those devices will be vulnerable to many types of cyberattacks. Moreover, the latest increase in intelligent cyberattacks along with the complexity increase in IoT architectures place...

Full description

Saved in:
Bibliographic Details
Main Author: Bandar M. Alshammari
Format: Article
Language:English
Published: IEEE 2025-01-01
Series:IEEE Access
Subjects:
Internet of Things
cybersecurity
attack surface
security measurements
machine learning
Online Access:https://ieeexplore.ieee.org/document/11098872/
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:With the increasing demand for utilizing IoT devices in many cases, in recent years, a great risk raises as many of those devices will be vulnerable to many types of cyberattacks. Moreover, the latest increase in intelligent cyberattacks along with the complexity increase in IoT architectures place a greater risk that many of those cyberattacks will not be discovered until very late stages. However, continuous evolution in Artificial Intelligence (AI) methods, such as machine learning models, can provide an intelligent and effective approach to accommodate and mitigate such risks in the early stages. If such models are used to analyze previous cyberattacks on IoT architectures to predict their behaviors on different layers of the IoT architecture, then this will definitely help in reducing impact of such cyberattacks. This presents the main objective of this work, in which risks associated with IoT cyberattacks are mitigated by measuring the attack surface size of an IoT architecture from the perspective of the information flow exposed by these surfaces. The paper proposes a novel approach that shows how to map certain cyberattacks to specific layers of the IoT architecture. Based on that mapping, several security metrics are defined to measure that architecture’s attack surface size. This paper also shows an experimental study of how the framework proposed here can be applied to a three-layer IoT architecture using a publicly available dataset. Several machine learning models have been used to show how to evaluate and validate the mapping process between different layers and various cyberattacks. Once higher performance results are obtained of the defined mapping, the security metrics proposed here are applied to measure the attack surface size of that particular architecture.
ISSN:2169-3536

Similar Items