Smart Attacks on the integrity of the Internet of Things Avoiding detection by employing Game Theory
1 like252 views
The document discusses the vulnerabilities of the Internet of Things (IoT) to sophisticated attacks that exploit measurement uncertainties and stealthy behaviors of compromised nodes. It presents a model using game theory to analyze the dynamics of such attacks and outlines various scenarios demonstrating the attackers' strategies and outcomes. The findings suggest that traditional detection methods may be inadequate against these advanced threats, emphasizing the need for improved security measures.
Smart Attacks on the integrity of the Internet of Things Avoiding detection by employing Game Theory
- 1. Smart Attacks on the integrity of the Internet of Things Avoiding detection by employing Game Theory George Margelis Robert J. Piechocki, Theo Tryfonas, Paul Thomas IEEE GLOBECOM - 7 December 2016
- 2. Presentation Outline • Problem Statement • Model • Assumptions and Definitions • Game Theory aspects • Numerical Simulation results • Conclusions
- 3. The Internet of Things Smart Metering Home Automation Smart Agriculture Transportation Infrastructure Monitoring Smart Metering e-Health Industrial Enterprise ζ V2x The Internet Of Things
- 4. The Internet of Things • The IoT will connect different domains into one homogenous network • Different domains → different requirements • However all domains share one requirement: Robust Security
- 5. Inherent Uncertainty Cheap Nodes → Cheap Sensors → Limited Precision Limited precision → Measurement Uncertainty “Weird” behaviour: Is a node malicious? Or simply malfunctioning? Are a group of nodes whose values deviate from the mean compromised? Or simply they are the first to sense a change in the measured values?
- 6. Detecting Malicious Nodes Traditional approach: Outlier detection and intrusion detection schemes. However, modern penetration techniques are smarter: Infecting but remaining in stealth, without changing node behaviour. Also when the majority of the nodes have been infected, the outliers are the healthy ones. Attackers are exploiting the characteristics of the IoT with smarter penetration strategies.
- 10. Defining a Smart Attacker • Can compromise healthy nodes • Avoids changing node behaviour radically • Exploits the inherent uncertainty in the measurements
- 11. Defining a Smart Attacker Assumptions regarding the Attacker: • The attacker can see the final extracted value. • Every attack that the attacker attempts is successful, leading to a compromised node. • The attacker attempts to change the reported value to something else, which we name ”Attacker’s Target”. • The attacker controls the number of compromised nodes(A) and how much the value of the compromised nodes differs compared to the measured value (lj ).
- 12. Defining a Smart Attacker Assumptions regarding the network: • Similar to Low Throughtput Networks like LoRA or Sigfox. • Nodes communicate a measured value (either in a scheduled or opportunistic manner). • The mean of the distribution of the values of the network is the extracted value.
- 14. Distance metrics Kullback – Leibler Divergence 𝐷 𝐾𝐿(𝑃| 𝑄 = 𝑖 𝑃 𝑖 𝑙𝑜𝑔 𝑃(𝑖) 𝑄(𝑖) Euclidean Distance 𝐷 𝑃, 𝑄 = 𝑖=1 𝑛 (𝑄 𝑖 − 𝑃 𝑖 2 Hellinger’s Distance 𝐷 𝑃, 𝑄 = −𝑙𝑛 𝑃 𝑖 𝑄(𝑖)
- 15. Applying Game Theory A game in it’s normal form is a tuple 𝐺 = 𝑁, 𝐴, 𝑢 , where: • 𝑁 = {1,2, … , 𝑛𝑖}a set of n rational players. By rational in this context we mean that the player chooses the strategy that maximizes his payoff. • 𝐴 = 𝐴1 × ⋯ × 𝐴2, where 𝐴𝑖 the finite set of actions available to player 𝑖 • 𝑢 = 𝑢1, … , 𝑢 𝑛 where 𝑢𝑖: 𝐴 → ℝ, a real-valued payoff function for player 𝑖
- 16. Applying Game Theory Utility Function Reported Value Attacker’s Target Compromised Nodes Cost of Attack Hellinger’s Distance From model distribution Hellinger’s Distance Detection Threshold Reward 𝐴𝑃 = 𝜇 ≥ 𝐴𝑇 ∙ 𝑅𝑊𝐷 − 𝐴 ∙ 𝐶𝑃𝐴 − 𝐷(𝑃,𝑄) > 𝑇ℎ𝑟𝑒𝑠ℎ𝑜𝑙𝑑 ∙ 2 ∙ (𝑅𝑊𝐷)
- 17. Applying Game Theory Utility Function 𝐴𝑃 = 𝜇 ≥ 𝐴𝑇 ∙ 𝑅𝑊𝐷 − 𝐴 ∙ 𝐶𝑃𝐴 − 𝐷(𝑃,𝑄) > 𝑇ℎ𝑟𝑒𝑠ℎ𝑜𝑙𝑑 ∙ 2 ∙ (𝑅𝑊𝐷) 𝑖=1 N−A 𝑥𝑖 + 𝑗=1 A (𝑥 𝑗+𝑙𝑗) 𝑖=1 N 𝑥𝑖 𝜇 ≥ 𝐴𝑇 = 1, 𝑖𝑓 𝑖𝑛𝑒𝑞𝑢𝑎𝑙𝑖𝑡𝑦 ℎ𝑜𝑙𝑑𝑠 0, 𝑜𝑡ℎ𝑒𝑟𝑤𝑖𝑠𝑒 𝐷(𝑃,𝑄) > 𝑇ℎ𝑟𝑒𝑠ℎ𝑜𝑙𝑑 = 1, 𝑖𝑓 𝑖𝑛𝑒𝑞𝑢𝑎𝑙𝑖𝑡𝑦 ℎ𝑜𝑙𝑑𝑠 0, 𝑜𝑡ℎ𝑒𝑟𝑤𝑖𝑠𝑒
- 18. Scenarios and results Scenario 1: Cost of attack remains constant as number of attacks is increased Scenario 2: Cost of attack rises as number of attacks is increased Scenario 3: Cost of attack reduces as number of attacks is increased
- 19. Scenarios and results Pay-out for the attacker for the first scenario when the attacker aims to shift the mean of the distribution 1% higher
- 20. Scenarios and results Pay-out for the attacker for the second scenario when the attacker aims to shift the mean of the distribution 5% higher
- 21. Scenarios and results Pay-out for the attacker for the third scenario when the attacker aims to shift the mean of the distribution 1% higher
- 23. Scenarios and results Percentage of Nodes needed to be compromised vs. Threshold for the attacker to win the first scenario.
- 24. Scenarios and results Percentage of Nodes needed to be compromised vs. Threshold for the discounted game.
- 25. False positive Rate 𝐹𝑎𝑙𝑠𝑒 𝑃𝑜𝑠𝑖𝑡𝑖𝑣𝑒 𝑅𝑎𝑡𝑒 = 𝐹𝑎𝑙𝑠𝑒 𝑃𝑜𝑠𝑖𝑡𝑖𝑣𝑒𝑠 𝑇𝑟𝑢𝑒 𝑁𝑒𝑔𝑎𝑡𝑖𝑣𝑒𝑠+𝐹𝑎𝑙𝑠𝑒 𝑃𝑜𝑠𝑖𝑡𝑖𝑣𝑒𝑠
- 26. Conclusions • The uncertainty inherent in the measurements can be exploited by smart attackers. • Outlier detection based IDS might not be enough in light of smart-deployment strategies of malware. • Distribution comparison can provide insights for potential penetrations with low complexity costs. • However the attackers can still compromise the integrity of the network if they set modest targets.