IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition
Moving target defense (MTD) and decoy strategies, measures of active defense, were introduced to secure both the proactive security and reactive adaptability of internet-of-things (IoT) networks that have been explosively applied to various industries without any strong security measures and to miti...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2022-05-01
|
| Series: | Electronics |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2079-9292/11/10/1623 |
| _version_ | 1797500257027751936 |
|---|---|
| author | Sang Seo Dohoon Kim |
| author_facet | Sang Seo Dohoon Kim |
| author_sort | Sang Seo |
| collection | DOAJ |
| description | Moving target defense (MTD) and decoy strategies, measures of active defense, were introduced to secure both the proactive security and reactive adaptability of internet-of-things (IoT) networks that have been explosively applied to various industries without any strong security measures and to mitigate the side effects of threats. However, the existing MTD and decoy strategies are limited to avoiding the attacker’s reconnaissance and initial intrusion attempts through simple structural mutations or inducing the attackers to a static trap based on the deceptive path and lack approaches to adaptively optimize IoT in consideration of the unique characteristic information by the domain of IoT. Game theory-based and decoy strategies are other options; however, they do not consider the dynamicity and uncertainty of the decision-making stages by the organizational agent related to the IoT domains. Therefore, in this paper, we present a type of organizational deception modeling, namely IoT-based organizational deception modeling (IoDM), which considers both the dynamic topologies and organizational business fingerprints customized in the IoT domain and operational purpose. For this model, we considered the practical scalability of the existing IoT-enabled MTD and decoy concepts and formulated the partially incomplete deceptive decision-making modeling for the cyber-attack and defense competition for IoT in real-time based on the general-sum game. According to our experimental results, the efficiency of the deceptive defense of the IoT defender could be improved by 70% on average while deriving the optimal defense cost compared to the increased defense performance. The findings of this study will improve the deception performances of MTD and decoy strategies by IoT scenarios related to various operational domains such as smart home networks, industrial networks, and medical networks. To the best of our knowledge, this study has employed social-engineering IoT knowledge and general-sum game theory for the first time. |
| first_indexed | 2024-03-10T03:59:19Z |
| format | Article |
| id | doaj.art-c0db7020da5942edba674aeca5c79afc |
| institution | Directory Open Access Journal |
| issn | 2079-9292 |
| language | English |
| last_indexed | 2024-03-10T03:59:19Z |
| publishDate | 2022-05-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Electronics |
| spelling | doaj.art-c0db7020da5942edba674aeca5c79afc2023-11-23T10:47:55ZengMDPI AGElectronics2079-92922022-05-011110162310.3390/electronics11101623IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game CompetitionSang Seo0Dohoon Kim1Department of Computer Science, Kyonggi University, Suwon-si 16227, KoreaDepartment of Computer Science, Kyonggi University, Suwon-si 16227, KoreaMoving target defense (MTD) and decoy strategies, measures of active defense, were introduced to secure both the proactive security and reactive adaptability of internet-of-things (IoT) networks that have been explosively applied to various industries without any strong security measures and to mitigate the side effects of threats. However, the existing MTD and decoy strategies are limited to avoiding the attacker’s reconnaissance and initial intrusion attempts through simple structural mutations or inducing the attackers to a static trap based on the deceptive path and lack approaches to adaptively optimize IoT in consideration of the unique characteristic information by the domain of IoT. Game theory-based and decoy strategies are other options; however, they do not consider the dynamicity and uncertainty of the decision-making stages by the organizational agent related to the IoT domains. Therefore, in this paper, we present a type of organizational deception modeling, namely IoT-based organizational deception modeling (IoDM), which considers both the dynamic topologies and organizational business fingerprints customized in the IoT domain and operational purpose. For this model, we considered the practical scalability of the existing IoT-enabled MTD and decoy concepts and formulated the partially incomplete deceptive decision-making modeling for the cyber-attack and defense competition for IoT in real-time based on the general-sum game. According to our experimental results, the efficiency of the deceptive defense of the IoT defender could be improved by 70% on average while deriving the optimal defense cost compared to the increased defense performance. The findings of this study will improve the deception performances of MTD and decoy strategies by IoT scenarios related to various operational domains such as smart home networks, industrial networks, and medical networks. To the best of our knowledge, this study has employed social-engineering IoT knowledge and general-sum game theory for the first time.https://www.mdpi.com/2079-9292/11/10/1623defensive deceptioninternet-of-thingsmoving target defensedecoygame theory |
| spellingShingle | Sang Seo Dohoon Kim IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition Electronics defensive deception internet-of-things moving target defense decoy game theory |
| title | IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition |
| title_full | IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition |
| title_fullStr | IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition |
| title_full_unstemmed | IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition |
| title_short | IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition |
| title_sort | iodm a study on a iot based organizational deception modeling with adaptive general sum game competition |
| topic | defensive deception internet-of-things moving target defense decoy game theory |
| url | https://www.mdpi.com/2079-9292/11/10/1623 |
| work_keys_str_mv | AT sangseo iodmastudyonaiotbasedorganizationaldeceptionmodelingwithadaptivegeneralsumgamecompetition AT dohoonkim iodmastudyonaiotbasedorganizationaldeceptionmodelingwithadaptivegeneralsumgamecompetition |