Skip to main content
SpringerLink
Log in

Optimal Placement of Security Resources for the Internet of Things

  • Chapter
  • First Online:
The Internet of Things for Smart Urban Ecosystems

Part of the book series: Internet of Things ((ITTCC))

Abstract

In many Internet of Thing application domains security is a critical requirement, because malicious parties can undermine the effectiveness of IoT-based systems by compromising single components and/or communication channels. Thus, a security infrastructure is needed to ensure the proper functioning of such systems even under attack. However, it is also critical that security be at a reasonable resource and/or energy cost. This chapter deals with the problem of efficiently and effectively securing IoT networks by carefully allocating security resources in the network area. The problem is modeled according to game theory, and provide a Pareto-optimal solution, in which the cost of the security infrastructure and the probability of a successful attack are minimized. As in the context of smart urban ecosystems both static and mobile smart city applications can take place, two different formalizations are provided for the two scenarios. For static networks, the optimization problem is modeled as a mixed integer linear program, whereas for mobile scenarios, computational intelligent techniques are adopted for providing a good approximation of the optimal solution.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    The attribute loc in Definition 1 helps us to simplify the formalization of the linear programs we show hereafter. The basic idea is the following: given that in the network area there are many locations where a security resource can be placed, for each resource \(sr^*\) we assume to have \(sr_1,\ldots sr_n\) resources, one for each location where \(sr^*\) can be located.

  2. 2.

    C.1.4 does not imply any loss of generality since a security resource can embed more than one security tool.

  3. 3.

    The probability to have an attack is computed as the ratio between the number of cases with \(risk>0\) and the total number of cases.

References

  1. E. Altman, K. Avrachenkov, A. Gamaev, Jamming in wireless networks: the case of several jammers, in Proceedings of the First ICST International Conference on Game Theory for Networks (2009)

    Google Scholar 

  2. T. Alwajeeh, P. Combeau, A. Bounceur, R. Vauzelle, Efficient method for associating radio propagation models with spatial partitioning for smart city applications, in Proceedings of the International Conference on Internet of things and Cloud Computing (ACM, 2016), p. 8

    Google Scholar 

  3. L. Atzori, A. Iera, G. Morabito, The internet of things: a survey. Comput. Netw. 54(15), 2787–2805 (2010)

    Article  Google Scholar 

  4. D. Bertsimas, G.J. Lauprete, A. Samarov, Shortfall as a risk measure: properties, optimization and applications. J. Econ. Dyn. Control 28(7), 1353–1381 (2004)

    Article  MathSciNet  Google Scholar 

  5. F. Brasser, B. El Mahjoub, A.R. Sadeghi, C. Wachsmann, P. Koeberl, Tytan: Tiny trust anchor for tiny devices, in DAC, 2015 (IEEE, 2015), pp. 1–6

    Google Scholar 

  6. L. Chen, J. Crampton, Risk-aware role-based access control, in International Workshop on Security and Trust Management (Springer, 2011), pp. 140–156

    Google Scholar 

  7. H.T. Cheng, W. Zhuang, Pareto optimal resource management for wireless mesh networks with qos assurance: joint node clustering and subcarrier allocation. IEEE Trans. Wirel. Commun. 8(3), 1573–1583 (2009)

    Article  Google Scholar 

  8. C. Chigan, L. Li, Y. Ye, Resource-aware self-adaptive security provisioning in mobile ad hoc networks, in IEEE Wireless Communications and Networking Conference (2005)

    Google Scholar 

  9. K. Deb, A. Pratap, S. Agarwal, T. Meyarivan, A fast elitist multi-objective genetic algorithm: Nsga-ii. IEEE Trans. Evol. Comput. 6, 182–197 (2000)

    Article  Google Scholar 

  10. R. Dewri, I. Ray, N. Poolsappasit, D. Whitley, Optimal security hardening on attack tree models of networks: a cost-benefit analysis. Int. J. Inf. Secur. 11(3), 167–188 (2012)

    Article  Google Scholar 

  11. R. Dewri, I. Ray, I. Ray, D. Whitley, Security provisioning in pervasive environments using multi-objective optimization, in ESORICS (2008)

    Google Scholar 

  12. T.N. Dinh, Y. Xuan, M.T. Thai, E. Park, T. Znati, On approximation of new optimization methods for assessing network vulnerability, in INFOCOM, Proceedings IEEE (2010)

    Google Scholar 

  13. L. Eschenauer, V.D. Gligor, A key-management scheme for distributed sensor networks, in Proceedings of the 9th ACM Conference on Computer and Communications Security (ACM, 2002), pp. 41–47

    Google Scholar 

  14. G. Fortino, P. Trunfio, Internet of Things Based on Smart Objects: Technology, Middleware and Applications (Springer, 2014)

    Google Scholar 

  15. L. Girod, J. Elson, A. Cerpa, T. Stathopoulos, N. Ramanathan, D. Estrin, Emstar: a software environment for developing and deploying wireless sensor networks, in USENIX (2004)

    Google Scholar 

  16. J. Goldhirsh, W.J. Vogel, Handbook of propagation effects for vehicular and personal mobile satellite systems, vol. 1274 (NASA Reference Publication, 1998), pp. 40–67

    Google Scholar 

  17. A. Guerrieri, L. Valeria, R. Anna, F. Giancarlo, Management of Cyber Physical Objects in the Future Internet of things (Springer, 2016)

    Google Scholar 

  18. A. Guo, M. Haenggi, Spatial stochastic models and metrics for the structure of base stations in cellular networks. IEEE Trans. Wirel. Commun. 12(11), 5800–5812 (2013)

    Article  Google Scholar 

  19. Z. Han, N. Marina, M. Debbah, A. Hjørungnes, Physical layer security game: How to date a girl with her boyfriend on the same table, in Proceedings of the First ICST International Conference on Game Theory for Networks (2009)

    Google Scholar 

  20. A.M. Kermarrec, E. Le Merrer, B. Sericola, G. Trédan, Second order centrality: distributed assessment of nodes criticity in complex networks. Comput. Commun. 34(5), 619–628 (2011)

    Article  Google Scholar 

  21. I. Khalil, S. Bagchi, N.B. Shroff, Liteworp: a lightweight countermeasure for the wormhole attack in multihop wireless networks, in International Conference on Dependable Systems and Networks, 2005. DSN 2005. Proceedings (IEEE, 2005), pp. 612–621

    Google Scholar 

  22. D. Kotz, C. Newport, R.S. Gray, J. Liu, Y. Yuan, C. Elliott, Experimental evaluation of wireless simulation assumptions, in Proceedings of the 7th ACM International Symposium on Modeling, Analysis and Simulation of Wireless and Mobile Systems (ACM, 2004), pp. 78–82

    Google Scholar 

  23. P. Levis, N. Lee, M. Welsh, D. Culler, Tossim: accurate and scalable simulation of entire tinyos applications, in Proceedings of 1st International Conference on Embedded Networked Sensor Systems (ACM, 2003)

    Google Scholar 

  24. H. Levy, Y. Kroll, Ordering uncertain options with borrowing and lending. J. Finan. 33(2), 553–574 (1978)

    Article  Google Scholar 

  25. P.V. Marsden, Egocentric and sociocentric measures of network centrality. Soc. Netw. 24(4), 407–422 (2002)

    Article  Google Scholar 

  26. S. Marti, T.J. Giuli, K. Lai, M. Baker, Mitigating routing misbehavior in mobile ad hoc networks, in Proceedings of the 6th Annual International Conference on Mobile Computing and Networking (ACM, 2000), pp. 255–265

    Google Scholar 

  27. A. Messac, A. Ismail-Yahaya, C.A. Mattson, The normalized normal constraint method for generating the Pareto frontier. Struct. Multidiscip. Optim. 25(2), 86–98 (2003)

    Article  MathSciNet  Google Scholar 

  28. D. Midi, A. Rullo, A. Mudgerikar, E. Bertino, Kalis: a system for knowledge-driven adaptable intrusion detection for the internet of things, in IEEE 37th International Conference on Distributed Computing Systems (ICDCS) (2017)

    Google Scholar 

  29. I. Molloy, P.C. Cheng, P. Rohatgi, Trading in risk: using markets to improve access control, in Proceedings of the 2008 Workshop on New Security Paradigms (ACM, 2009), pp. 107–125

    Google Scholar 

  30. I. Molloy, L. Dickens, C. Morisset, P.C. Cheng, J. Lobo, A. Russo, Risk-based security decisions under uncertainty, in Proceedings of the Second ACM Conference on Data and Application Security and Privacy (ACM, 2012), pp. 157–168

    Google Scholar 

  31. N. Poolsappasit, R. Dewri, I. Ray, Dynamic security risk management using bayesian attack graphs. IEEE Trans. Dependable Secur. Comput. 9(1), 61–74 (2012)

    Article  Google Scholar 

  32. T.S. Rappaport, et al., Wireless Communications: Principles and Practice, vol. 2 (Prentice Hall PTR, New Jersey, 1996)

    Google Scholar 

  33. S. Raza, S. Duquennoy, J. Höglund, U. Roedig, T. Voigt, Secure communication for the internet of things a comparison of link-layer security and IPsec for 6LoWPAN. Secur. Commun. Netw. 7(12), 2654–2668 (2014)

    Article  Google Scholar 

  34. S. Raza, L. Wallgren, T. Voigt, Svelte: real-time intrusion detection in the internet of things, in Ad Hoc Networks (2013)

    Google Scholar 

  35. C. Robert, G. Casella, Monte Carlo Statistical Methods (Springer Science & Business Media, 2013)

    Google Scholar 

  36. A. Rullo, D. Midi, E. Serra, E. Bertino, Pareto optimal security resource allocation for Internet of Things. ACM Trans. Priv. Secur. (TOPS) 20(4), 15 (2017)

    Google Scholar 

  37. A. Rullo, E. Serra, E. Bertino, J. Lobo, Shortfall-based optimal placement of security resources for mobile IoT scenarios, in European Symposium on Research in Computer Security (Springer, 2017), pp. 419–436

    Google Scholar 

  38. E. Serra, S. Jajodia, A. Pugliese, A. Rullo, V. Subrahmanian, Pareto-optimal adversarial defense of enterprise systems. ACM Trans. Inf. Syst. Secur. (TISSEC) 17(3), 11 (2015)

    Article  Google Scholar 

  39. K. Sharma, M. Ghose, Wireless sensor networks: an overview on its security threats. IJCA (Special Issue on Mobile Ad-hoc Networks MANETs), 42–45 (2010)

    Google Scholar 

  40. X. Shen, K. Xu, X. Sun, J. Wu, J. Lin, Optimized indoor wireless propagation model in wifi-rof network architecture for rss-based localization in the Internet of Things, in Microwave Photonics, 2011 International Topical Meeting on & Microwave Photonics Conference, 2011 Asia-Pacific, MWP/APMP (IEEE, 2011), pp. 274–277

    Google Scholar 

  41. F. Simini, M.C. González, A. Maritan, A.L. Barabási, A universal model for mobility and migration patterns. Nature 484(7392), 96–100 (2012)

    Article  Google Scholar 

  42. H. von Stackelberg, D. Bazin, R. Hill, L. Urch, Market Structure and Equilibrium (Springer, 2010)

    Google Scholar 

  43. A. Varga et al., The omnet++ discrete event simulation system, in Proceedings of the European Simulation Multiconference (ESM2001) (2001)

    Google Scholar 

  44. D. Zhang, D. Liu, Dataguard: dynamic data attestation in wireless sensor networks, in DSN, 2010 (IEEE, 2010)

    Google Scholar 

  45. L. Zhou, H.C. Chao, Multimedia traffic security architecture for the Internet of Things. IEEE Netw. 25(3), 35–40 (2011)

    Article  Google Scholar 

  46. Q. Zhu, L. Bushnell, T. Basar, Game-theoretic analysis of node capture and cloning attack with multiple attackers in wireless sensor networks, in CDC (IEEE, 2012), pp. 3404–3411

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. DIMES Department, Universita della Calabria, 87036, Rende, Italy

    Antonino Rullo

  2. Department of Computer Science, Boise State University, Boise, ID, 83725, USA

    Edoardo Serra

  3. Lawson Computer Science Department, Purdue University, West Lafayette, IN, 47907, USA

    Elisa Bertino

  4. ICREA and Department of Information and Communication Technologies, Universitat Pompeu Fabra, 08018, Barcelona, Spain

    Jorge Lobo

Authors
  1. Antonino Rullo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Edoardo Serra
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Elisa Bertino
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jorge Lobo
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Antonino Rullo .

Editor information

Editors and Affiliations

  1. Institute for High Performance Computing and Networking (ICAR), National Research Council (CNR), Rende (CS), Italy

    Franco Cicirelli

  2. Institute for High Performance Computing and Networking (ICAR), National Research Council (CNR), Rende (CS), Italy

    Antonio Guerrieri

  3. Institute for High Performance Computing and Networking (ICAR), National Research Council (CNR), Rende (CS), Italy

    Carlo Mastroianni

  4. Institute for High Performance Computing and Networking (ICAR), National Research Council (CNR), Rende (CS), Italy

    Giandomenico Spezzano

  5. Institute for High Performance Computing and Networking (ICAR), National Research Council (CNR), Rende (CS), Italy

    Andrea Vinci

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer International Publishing AG, part of Springer Nature

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Rullo, A., Serra, E., Bertino, E., Lobo, J. (2019). Optimal Placement of Security Resources for the Internet of Things. In: Cicirelli, F., Guerrieri, A., Mastroianni, C., Spezzano, G., Vinci, A. (eds) The Internet of Things for Smart Urban Ecosystems. Internet of Things. Springer, Cham. https://doi.org/10.1007/978-3-319-96550-5_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-96550-5_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-96549-9

  • Online ISBN: 978-3-319-96550-5

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation