@inproceedings{5d6546c9e5a24e8a9c858094b3bc89f3,
title = "Deploying robust security in internet of things",
abstract = "Popularization of the Internet-of-Things (IoT) has brought widespread concerns on IoT security, especially in face of several recent security incidents related to IoT devices. Due to the resource-constrained nature of many IoT devices, security offloading has been proposed to provide good-enough security for IoT with minimum overhead on the devices. In this paper, we investigate the inevitable risk associated with security offloading: The unprotected and unmonitored transmission from IoT devices to the offloaded security mechanisms. An important challenge in modeling the security risk is the dynamic nature of IoT due to demand fluctuations and infrastructure instability. We propose a stochastic model to capture both the expected and worst-case security risks of an IoT system. We then propose a framework to efficiently address the optimal robust deployment of security mechanisms in IoT. We use results from extensive simulations to demonstrate the superb performance and efficiency of our approach compared to several other algorithms.",
keywords = "Internet-of-Things, conditional value-at-risk, risk measurement, robustness, security offloading",
author = "Ruozhou Yu and Guoliang Xue and Kilari, {Vishnu Teja} and Xiang Zhang",
note = "Funding Information: In this paper, we studied the security risk associated with offloading security from IoT devices to fog or cloud nodes in the network. To maximize system security and robustness, the operator would want to deploy in-network security functions to minimize the security risk of all users, given various scenarios including varying demands and network failures. We made the following contributions. First, we proposed a stochastic model for uncertainties in IoT. Second, we used an economic model (CVaR) to capture the worst-case security risk of the system, in addition to the conventional expectation-based model. Third, we developed a decomposition-based optimization framework for optimizing both the expected security risk and the its CVaR in scenario-based stochastic programming. We then enhanced the framework with an analytical model tailored to drastically reduce its optimization overhead. Finally, we showed, through simulations, that the proposed model well captures system security risk up to a small tail probability, and that the proposed framework achieves optimal security deployment with limited overhead compared to other algorithms. ACKNOWLEDGEMENT This research was supported in part by NSF grants 1461886, 1704092, and 1717197. The reported information does not reflect the position or policy of the funding agency. Publisher Copyright: {\textcopyright} 2018 IEEE.; 6th IEEE Conference on Communications and Network Security, CNS 2018 ; Conference date: 30-05-2018 Through 01-06-2018",
year = "2018",
month = aug,
day = "10",
doi = "10.1109/CNS.2018.8433219",
language = "English (US)",
isbn = "9781538645864",
series = "2018 IEEE Conference on Communications and Network Security, CNS 2018",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
booktitle = "2018 IEEE Conference on Communications and Network Security, CNS 2018",
}