Delve into the architecture of defensive strategies to protect IoT devices from targeted attacks
DOI:
https://doi.org/10.29304/jqcsm.2025.17.22201Keywords:
cyber-attacks, IoT, protect interconnected systems, security assessmentAbstract
The great development in information technology and the Internet of Things is accompanied by several concerns, the most important of which are security vulnerabilities and cyber-attacks that affect the joints of the connection between resources, as old methods are no longer sufficient to reduce security vulnerabilities and protect interconnected systems.
The study aimed to design a strategy that works on defense, combating deception, controlling operating systems, and diversity in the process of operational mobility with a process of updating and evaluating in real time by deploying deceptive nodes and dynamically moving between operating systems of Internet of Things devices and continuously monitoring the attack surface.
This study focuses on the security returns resulting from the designed system, as it adopts a multi-layered security approach to protect Internet of Things networks from complex and targeted threats. This defensive approach is a powerful approach to increase the complexity of attackers and try to stop them and improve the overall resilience of the Internet of Things ecosystem. The effectiveness of the proposed defense-in-depth strategy is evaluated through simulation and performance analysis, which indicates its ability to mitigate various types of attacks while maintaining acceptable overhead.
Downloads
References
Dudhe, P.V., N.V. Kadam, R.M. Hushangabade,M.S. Deshmukh. Internet of Things (IOT): An overview and its applications. in 2017 International Conference on Energy, Communication, Data Analytics and Soft Computing (ICECDS). 2017. Chennai, India.
Bhuse, V. Review of End-to-End Encryption for Social Media. in Proceedings of the 18th International Conference on Cyber Warfare and Security. 2023. Maryland, USA: Academic Conferences International Limited.
Sodja, C., J. Carroll, M. Turcotte,J. Neil. Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting. 2022 [cited 2024 09/01/2024]; Available from: https://www.microsoft.com/security/blog/automating-threat-actor-tracking/
Dykstra, J., K. Shortridge, J. Met,D. Hough (2022) Sludge for good: Slowing and imposing costs on cyber attackers. arXiv preprint. arXiv:2211.16626. https://doi.org/https://doi.org/10.48550/arXiv.2211.16626
Saeed, S., S.A. Altamimi, N.A. Alkayyal, E. Alshehri,D.A. Alabbad (2023) Digital Transformation and Cybersecurity Challenges for Businesses Resilience: Issues and Recommendations. Sensors. 23(15): 6666.
Saeed, S., S.A. Suayyid, M.S. Al-Ghamdi, H. Al-Muhaisen,A.M. Almuhaideb (2023) A Systematic Literature Review on Cyber Threat Intelligence for Organizational Cybersecurity Resilience. Sensors. 23(16): 7273.
Salzano, A., C.M. Parisi, G. Acampa,M. Nicolella (2023) Existing assets maintenance management: Optimizing maintenance procedures and costs through BIM tools. Automation in Construction. 149: 104788. https://doi.org/https://doi.org/10.1016/j.autcon.2023.104788
Pawlick, J., E. Colbert,Q. Zhu (2019) A Game-theoretic Taxonomy and Survey of Defensive Deception for Cybersecurity and Privacy. ACM Comput. Surv. 52(4): Article 82. https://doi.org/10.1145/3337772
Zhang, L.,V.L.L. Thing (2021) Three decades of deception techniques in active cyber defense - Retrospect and outlook. Computers & Security. 106: 102288. https://doi.org/https://doi.org/10.1016/j.cose.2021.102288
Vasudevan, V., Z. Zakhour, V. Gomes,S. Raju. Top 10 cybersecurity threats in 2024. 2024 [cited 2024 09/01/2024]; Available from: https://eviden.com/publications/digital-security-magazine/cybersecurity-predictions-2024/top-10-cybersecurity-threats/.
Abolhassani Khajeh, S., M. Saberikamarposhti,A.M. Rahmani (2022) Real-Time Scheduling in IoT Applications: A Systematic Review. Sensors (Basel). 23(1). https://doi.org/10.3390/s23010232
Smith, C.L. Understanding concepts in the defence in depth strategy. in IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings. 2003. Taipei, Taiwan.
Liebowitz, D., S. Nepal, K. Moore, C.J. Christopher, S.S. Kanhere, D. Nguyen, R.C. Timmer, M. Longland,K. Rathakumar. Deception for Cyber Defence: Challenges and Opportunities. in 2021 Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA). 2021. Atlanta, GA, USA: IEEE.
Mohan, P.V., S. Dixit, A. Gyaneshwar, U. Chadha, K. Srinivasan,J.T. Seo (2022) Leveraging Computational Intelligence Techniques for Defensive Deception: A Review, Recent Advances, Open Problems and Future Directions. Sensors (Basel). 22(6). https://doi.org/10.3390/s22062194
Ahmad, R., I. Alsmadi, W. Alhamdani,L.a. Tawalbeh (2023) Zero-day attack detection: a systematic literature review. Artificial Intelligence Review. 56(10): 10733-10811. https://doi.org/10.1007/s10462-023-10437-z
Sheibani, M., S. Konur, I. Awan,A. Qureshi (2024) A Multi-Layered Defence Strategy against DDoS Attacks in SDN/NFV-Based 5G Mobile Networks. Electronics. 13(8): 1515.
Aboelwafa, M.M.N., K.G. Seddik, M.H. Eldefrawy, Y. Gadallah,M. Gidlund (2020) A Machine-Learning-Based Technique for False Data Injection Attacks Detection in Industrial IoT. IEEE Internet of Things Journal. 7(9): 8462-8471. https://doi.org/10.1109/JIOT.2020.2991693
Ahanger, T.A., U. Tariq, A. Ibrahim, I. Ullah, Y. Bouteraa,F. Gebali (2022) Securing IoT-Empowered Fog Computing Systems: Machine Learning Perspective. Mathematics. 10(8): 1298.
Ahmad, W., A. Rasool, A.R. Javed, T. Baker,Z. Jalil (2022) Cyber Security in IoT-Based Cloud Computing: A Comprehensive Survey. Electronics. 11(1): 16.
Al-Masri, E., K.R. Kalyanam, J. Batts, J. Kim, S. Singh, T. Vo,C. Yan (2020) Investigating Messaging Protocols for the Internet of Things (IoT). IEEE Access. 8: 94880-94911. https://doi.org/10.1109/ACCESS.2020.2993363
Alyahya, S., W.U. Khan, S. Ahmed, S.N.K. Marwat,S. Habib (2022) Cyber Secure Framework for Smart Agriculture: Robust and Tamper-Resistant Authentication Scheme for IoT Devices. Electronics. 11(6): 963.
Bala, B.,S. Behal (2024) AI techniques for IoT-based DDoS attack detection: Taxonomies, comprehensive review and research challenges. Computer Science Review. 52: 100631. https://doi.org/https://doi.org/10.1016/j.cosrev.2024.100631
Ben Othman, S., F.A. Almalki,H. Sakli (2022) Internet of Things in the Healthcare Applications: Overview of Security and Privacy Issues. In Intelligent Healthcare: Infrastructure, Algorithms and Management, Chakraborty, C.,Khosravi, M.R. (eds). Springer Nature Singapore. Singapore
Chatterjee, U.,S. Ray (2022) Security Issues on IoT Communication and Evolving Solutions. In Soft Computing in Interdisciplinary Sciences, Chakraverty, S. (eds). Springer Singapore. Singapore
Cho, Y., J. Oh, D. Kwon, S. Son, J. Lee,Y. Park (2022) A Secure and Anonymous User Authentication Scheme for IoT-Enabled Smart Home Environments Using PUF. IEEE Access. 10: 101330-101346. https://doi.org/10.1109/ACCESS.2022.3208347
Kavak, H., J.J. Padilla, D. Vernon-Bido, S.Y. Diallo, R. Gore,S. Shetty (2021) Simulation for cybersecurity: state of the art and future directions. Journal of Cybersecurity. 7(1). https://doi.org/10.1093/cybsec/tyab005
Jing, H.,J. Wang (2022) [Retracted] Detection of DDoS Attack within Industrial IoT Devices Based on Clustering and Graph Structure Features. Security and Communication Networks. 2022(1): 1401683. https://doi.org/https://doi.org/10.1155/2022/1401683
Web of Science. Web of science search. 2024 [cited 2024 09/01/2024]; Available from: https://www.webofscience.com/wos/author/search.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Mohammed Rajih Mohammed
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
