Header

UZH-Logo

Maintenance Infos

Moving Target Defense Strategy Selection against Malware in Resource-Constrained Devices


Von der Assen, Jan; Celdran, Alberto Huertas; Huber, Nicolas; Bovet, Gérôme; Pérez, Gregorio Martínez; Stiller, Burkhard (2023). Moving Target Defense Strategy Selection against Malware in Resource-Constrained Devices. In: 2023 IEEE International Conference on Cyber Security and Resilience (CSR), Venice, Italy, 31 July 2023 - 2 August 2023. Institute of Electrical and Electronics Engineers, 123-129.

Abstract

Internet-of-Things (IoT) devices have become critical assets to be protected due to increased adoption for emerging use cases. As such, these devices are confronted with a myriad of malware-based threats. To combat malware in IoT, Moving Target Defense (MTD) is a viable defense layer, since MTD does not rely on a low breach probability - aiming to increase security in a dynamic way. Although evidence supports the usefulness of MTD for IoT, the current state of the art suffers from unrealistic deployments, including the problem of operating multiple MTD techniques. Especially, there is a commonly observed gap in determining and deploying one of a set of locally available MTD techniques. This paper addresses this gap by relying on a rule-based selection mechanism. For that, a risk-driven methodology to establish this selection agent with a well-defined architecture is followed. As an input, the device's behavior, as expressed through its resource consumption, serves as a selection criterion. This architecture was implemented for a Raspberry Pi and evaluated against seven malware, given four existing MTD techniques. The resulting prototype highlights that a rule-based system can efficiently mitigate the malware samples.

Abstract

Internet-of-Things (IoT) devices have become critical assets to be protected due to increased adoption for emerging use cases. As such, these devices are confronted with a myriad of malware-based threats. To combat malware in IoT, Moving Target Defense (MTD) is a viable defense layer, since MTD does not rely on a low breach probability - aiming to increase security in a dynamic way. Although evidence supports the usefulness of MTD for IoT, the current state of the art suffers from unrealistic deployments, including the problem of operating multiple MTD techniques. Especially, there is a commonly observed gap in determining and deploying one of a set of locally available MTD techniques. This paper addresses this gap by relying on a rule-based selection mechanism. For that, a risk-driven methodology to establish this selection agent with a well-defined architecture is followed. As an input, the device's behavior, as expressed through its resource consumption, serves as a selection criterion. This architecture was implemented for a Raspberry Pi and evaluated against seven malware, given four existing MTD techniques. The resulting prototype highlights that a rule-based system can efficiently mitigate the malware samples.

Statistics

Citations

Dimensions.ai Metrics

Altmetrics

Downloads

1 download since deposited on 12 Feb 2024
1 download since 12 months
Detailed statistics

Additional indexing

Item Type:Conference or Workshop Item (Paper), not_refereed, original work
Communities & Collections:03 Faculty of Economics > Department of Informatics
Dewey Decimal Classification:000 Computer science, knowledge & systems
Scopus Subject Areas:Physical Sciences > Artificial Intelligence
Physical Sciences > Computer Networks and Communications
Physical Sciences > Information Systems
Physical Sciences > Safety, Risk, Reliability and Quality
Scope:Discipline-based scholarship (basic research)
Language:English
Event End Date:2 August 2023
Deposited On:12 Feb 2024 13:56
Last Modified:13 Feb 2024 21:00
Publisher:Institute of Electrical and Electronics Engineers
Series Name:IEEE International Conference on Cyber Security and Resilience (CSR)
ISBN:979-8-3503-1170-9
OA Status:Closed
Publisher DOI:https://doi.org/10.1109/csr57506.2023.10224824