A Security Situation Awareness Approach for IoT Software Chain Based on Markov Game Model.

Xudong Zhu; Honggao Deng

doi:10.9781/ijimai.2022.08.002

Authors

Xudong Zhu Wuxi Institute of Arts & Technology
Honggao Deng Guilin University of Electronic Technology

DOI:

https://doi.org/10.9781/ijimai.2022.08.002

Keywords:

Internet of things, Hidden Markov Models, Security, Support Vector Machine, Intrusion Detection

Abstract

Since Internet of Things (IoT) has been widely used in our daily life nowadays, it is regarded as a promising and popular application of the Internet, and has attracted more and more attention. However, IoT is also suffered by some security problems which seriously affect the implementation of IoT system. Similar to traditional software, IoT software is always threated by many vulnerabilities, thus how to evaluate the security situation of IoT software chain becomes a basic requirement. In this paper, A framework of security situation awareness for IoT software chain is proposed, which mainly includes two processes: IoT security situation classification based on support vector machine and security situation awareness based on Markov game model. The proposed method firstly constructs a classification model using support vector machine (IoT) to automatically evaluates the security situation of IoT software chain. Based on the situation classification, we further proposed to adopt Markov model to simulate and predict the next behaviors of participants that involved in IoT system. Additionally, we have designed and developed a security situation awareness system for IoT software chain, the developed system supports the detection of typical IoT vulnerabilities and inherits more than 20 vulnerability detection methods, which shows great potential in IoT system protection.

Downloads

Download data is not yet available.

References

Perera C., Zaslavsky A., Christen P., et al. “Context Aware Computing for The Internet of Things: A Survey,“ IEEE Communications Surveys & Tutorials, 2014, 16(1):414-454.

Heath T., Bizer C. “Linked Data: Evolving the Web into a Global Data Space,“ Molecular Ecology, 2011, 11(2):670–684.

Malaiya R. K., Kwon D, Kim J, et al. “An empirical evaluation of deep learning for network anomaly detection,“ International Conference on Computing, Networking and Communications (ICNC). IEEE, 2018: 893-898.

Chen X. Z., Zheng Q. H., Guan X. H., et al. “Quantitative Hierarchical Threat Evaluation Model for Network Security,“ Journal of Software, 2006, 17(4):885-897.

Macqueen J. “Some Methods for Classification and Analysis of MultiVariate Observations,“ Proc of Berkeley Symposium on Mathematical Statistics & Probability. 1965.

Li S., Xu L. D., Zhao S. “Applications of Internet of Things: A Survey,“ Information Systems Frontiers, 2015, 17(2):243-259.

D. Miorandi, Sicari S., Pellegrini F. D., et al. “Internet of things: Vision, applications and research challenges,“ Ad Hoc Networks, 2012, 10(7):1497- 1516.

Wang X., Liu W. “Research on Air Traffic Control Automatic System Software Reliability Based on Markov Chain,“ Physics Procedia, 2012, 24:1601-1606.

Wang L. Z., Zhang S. S., Tao Q. K. “A software-reuse-oriented agile supply chain model based on software agent,“ Journal of Computer Research and Development, 2002, 39(2):153-158.

Cui J., Wang L, X. Zhao, et al. “Towards predictive analysis of android vulnerability using statistical codes and machine learning for IoT applications,“ Computer Communications, 2020, 155(Apr.):125-131.

Zanella A., Bui N., Castellani A., et al. “Internet of Things for Smart Cities,“ IEEE Internet of Things Journal, 2014, 1(1):22-32.

Granjal J., Monteiro E., Silva J. S. “Security for the Internet of Things: A Survey of Existing Protocols and Open Research Issues,“ IEEE Communications Surveys & Tutorials, 2015, 17(3):1294-1312.

Sanchez-Arias G., Garcia C. G., G-Bustelo B. “Midgar: Study of communications security among Smart Objects using a platform of heterogeneous devices for the Internet of Things,“ Future Generation Computer Systems, 2017, 74(SEP.):444-466.

Webb J., Ahmad A., Maynard S. B., et al. “A Situation Awareness Model for Information Security Risk Management,“ Computers & Security, 2014, 44(2):1-15.

Zhang D., He Q. “Security Situation Awareness Method for Smart Grid,“ International Core Journal of Engineering, 2020, 6(5):49-55.

Lei Z., Wu X., Wu, X.: “An edge-guided image interpolation algorithm via directional filtering and data fusion,“ IEEE Transactions on Image Processing, 2006, 15(8):2226-2238.

Dey A., Mohammad F., Ahmed S., et al. “Anomaly Detection in Crowded Scene by Pedestrians Behaviour Extraction using Long Short Term Method: A Comprehensive Study,“ International Journal of Education and Management Engineering, 2019, 9(1):51-63.

Wilks P., English M. J. “A system for rapid identification of respiratory abnormalities using a neural network,“ Medical Engineering & Physics, 1995, 17(7):551-555.

He W., Yan G., Xu L. D. “Developing Vehicular Data Cloud Services in the IoT Environment,“ IEEE Transactions on Industrial Informatics, 2014, 10(2):1587-1595.

Park N., Kim M., Bang H. C. “Symmetric Key-Based Authentication and the Session Key Agreement Scheme in IoT Environment,“ Lecture Notes in Electrical Engineering, 2015, 330:379-384.

Weber R. H. “Internet of Things – New security and privacy challenges,“ Computer Law & Security Review the International Journal of Technology & Practice, 2010, 26(1):23-30.

D. Guinard, Trifa V., Karnouskos S., et al. “Interacting with the SOABased Internet of Things: Discovery, Query, Selection, and On-Demand Provisioning of Web Services,“ IEEE Transactions on Services Computing, 2010, 3(3):223-235.

Sicari S., Rizzardi A., Grieco L. A., et al. “Security, privacy and trust in Internet of Things: The road ahead,“ Computer Networks, 2015, 76(jan.15):146-164.

Jia R., Ding Y. “Nonzero-sum non-stationary discounted Markov game model,“ Mathematical Methods of Operations Research, 2000, 52(2):265- 270.

Lei C., Zhang H. Q., Wan L. M., et al. “Incomplete Information Markov Game Theoretic Approach to Strategy Generation for Moving Target Defense,“ Computer Communications, 2018, 116(JAN.):184-199.

Hu H., Hu C., Yao S. Decision Model of Optimal Active Response for Network Security Using Partial Observable Markov Game[J]. Hsi-An Chiao Tung Ta Hsueh/Journal of Xi’an Jiaotong University, 2011, 45(4):18- 24.

Cauwenberghs G., Poggio T. “Incremental and Decremental Support Vector Machine Learning,“ Advances in neural information processing systems, 2001, 13(5):409-412.

Amari S., Wu S. “Improving support vector machine classifiers by modifying kernel functions,“ Neural Networks, 1999, 12(6):783-789.

Zien A., G. Rätsch, Mika S., et al. “Engineering support vector machine kernels that recognize translation initiation sites,“ Bioinformatics, 2000, 16(9):799-807.

Yang Y., Wu L., Yin G., et al. “A Survey on Security and Privacy Issues in Internet-of-Things,“ Internet of Things Journal, IEEE, 2017, 4(5):1250-1258.

Sathishkumar J., Patel D. R. “A Survey on Internet of Things: Security and Privacy Issues,“ International Journal of Computer Applications, 2014, 90(11):20-26.

Bouij-Pasquier I., Kalam A., Ouahman A. A., et al. “A Security Framework for Internet of Things,“ Springer, Cham, 2015.

Bass T. “Intrusion Detection Systems & Multisensor Data Fusion: Creating Cyberspace Situation Awareness,“ CiteSeer, 2000.

Endsley, Mica R. “Measurement of Situation Awareness in Dynamic Systems,“ Human Factors, 1995, 37(1):65-84.

Franke N., Hippel E. V. “The Case of Apache Security Software,“ Social Science Electronic Publishing.

Kou G., Wang S., Tang G. “Research on Key Technologies of Network Security Situation Awareness for Attack Tracking Prediction,“ Chinese Journal of Electronics, 2019, 28(001):162-171.

Zhylin A., Hudyncev M., Litvinov M. “Functional model of cybersecurity situation center,“ Collection Information technology and security, 2018, 6(2):51-67.

Lakhno V., Akhmetov B., Korchenko A., et al. “Development of a decision support system based on expert evaluation for the situation center of transport cybersecurity,“ Journal of Theoretical and Applied Information Technology, 2018, 96(14):4530-4540.

Chen S., Jian Z., Huang Y., et al. “Autonomous driving: cognitive construction and situation understanding,“ Science China Information Sciences, 2019, 62(008):1-27.

Kourti T. “Abnormal situation detection and projection methods— industrial applications. October 28–29, 2003. Hamilton, Ontario, Canada,“ Chemometrics & Intelligent Laboratory Systems, 2005, 76(2):215-220.

Lewis L., Jakobson G., Buford J. “Enabling cyber situation awareness, impact assessment, and situation projection,“ Military Communications Conference. IEEE, 2008.

Lin P., Chen Y. “Network Security Situation Assessment Based on Text SimHash in Big Data Environment,“ International Journal of Network Security, 2019, 21(4):699-708.