TY - GEN
T1 - A Distributed MAPE-K Framework for Self-Protective IoT Devices
AU - Riegler, Michael
AU - Sametinger, Johannes
AU - Vierhauser, Michael
PY - 2023
Y1 - 2023
N2 - Internet of Things (IoT) devices have become ubiquitous in our everyday life, with security becoming an ever-growing issue as more and more cyber-attack incidents being reported, primarily due to a deficiency in existing security mechanisms. However, while, for example, cloud-based applications, or industrial automation systems of systems possess significant resources for monitoring health, and determining their status and correct behavior at runtime, IoT devices operate with limited hardware capabilities and under tight resource constraints, making monitoring, analysis, and response activities a challenging endeavor. Following the NIST Cybersecurity Framework, IoT devices need to identify, protect, detect, respond and recover from cyber-attacks, unauthorized access, and other security threats. A common way to provide self-adaptation to changing conditions is the MAPE-K loop with four pivotal phases: Monitor, Analyze, Plan, and Execute. This paper presents DSec4IoT, a Distributed MAPE-K Framework for Self-Protective IoT Devices. Our framework leverages the idea of distributed MAPE-K patterns and establishes a model for managing and controlling Self-Protective IoT Devices. We evaluate our approach by simulating port scans and performing adaptation activities. Results have confirmed that DSec4IoT can be easily applied to detect and mitigate them.
AB - Internet of Things (IoT) devices have become ubiquitous in our everyday life, with security becoming an ever-growing issue as more and more cyber-attack incidents being reported, primarily due to a deficiency in existing security mechanisms. However, while, for example, cloud-based applications, or industrial automation systems of systems possess significant resources for monitoring health, and determining their status and correct behavior at runtime, IoT devices operate with limited hardware capabilities and under tight resource constraints, making monitoring, analysis, and response activities a challenging endeavor. Following the NIST Cybersecurity Framework, IoT devices need to identify, protect, detect, respond and recover from cyber-attacks, unauthorized access, and other security threats. A common way to provide self-adaptation to changing conditions is the MAPE-K loop with four pivotal phases: Monitor, Analyze, Plan, and Execute. This paper presents DSec4IoT, a Distributed MAPE-K Framework for Self-Protective IoT Devices. Our framework leverages the idea of distributed MAPE-K patterns and establishes a model for managing and controlling Self-Protective IoT Devices. We evaluate our approach by simulating port scans and performing adaptation activities. Results have confirmed that DSec4IoT can be easily applied to detect and mitigate them.
U2 - 10.1109/SEAMS59076.2023.00034
DO - 10.1109/SEAMS59076.2023.00034
M3 - Conference proceedings
SN - 979-8-3503-1192-1
T3 - 18th Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS)
SP - 202
EP - 208
BT - Proceedings of the 18th Symposium on Software Engineering for Adaptive and Self-Managing Systems
A2 - IEEE, null
ER -
