A Graph-Based Security Framework for Securing Industrial IoT Networks From Vulnerability Exploitations

• Main Authors: Gemini George, Sabu M. Thampi
• Format: Article
• Language: English
• Published: IEEE 2018-01-01
• Series: IEEE Access
• Subjects: Industrial IoT; Internet of Things; network security; risk assessment; attack graph
• Online Access: https://ieeexplore.ieee.org/document/8430731/

Industrial IoT (IIoT) refers to the application of IoT in industrial management to improve the overall operational efficiency. With IIoT that accelerates the industrial automation process by enrolling thousands of IoT devices, strong security foundations are to be deployed befitting the distributed connectivity and constrained functionalities of the IoT devices. Recent years witnessed severe attacks exploiting the vulnerabilities in the devices of IIoT networks. Moreover, attackers can use the relations among the vulnerabilities to penetrate deep into the network. This paper addresses the security issues in IIoT network because of the vulnerabilities existing in its devices. As graphs are efficient in representing relations among entities, we propose a graphical model representing the vulnerability relations in the IIoT network. This helps to formulate the security issues in the network as graph-theoretic problems. The proposed model acts as a security framework for the risk assessment of the network. Furthermore, we propose a set of risk mitigation strategies to improve the overall security of the network. The strategies include detection and removal of the attack paths with high risk and low hop-length. We also discuss a method to identify the strongly connected vulnerabilities referred as hot-spots. A use-case is discussed and various security parameters are evaluated. The simulation results with graphs of different sizes and structures are presented for the performance evaluation of the proposed techniques against the changing dynamics of the IIoT networks.