Cyber Resilience for the Internet of Things: Implementations With Resilience Engines and Attack Classifications

Recently, the number of publicized attacks on IoT devices has noticeably grown. This is in part due to the increasing deployment of embedded systems into various domains, including critical infrastructure, which makes them a valuable asset and a compromise can cause significant damages. In this case...

Full description

Saved in:
Bibliographic Details
Published inIEEE transactions on emerging topics in computing Vol. 12; no. 2; pp. 583 - 600
Main Authors Alvarenga, Eduardo, Brands, Jan R., Doliwa, Peter, den Hartog, Jerry, Kraft, Erik, Medwed, Marcel, Nikov, Ventzislav, Renes, Joost, Rosso, Martin, Schneider, Tobias, Veshchikov, Nikita
Format Journal Article
LanguageEnglish
Published New York IEEE 01.04.2024
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Architecture
Attack detection
Classification
Cloud computing
Computer architecture
Critical infrastructure
cyber resilience
Data acquisition
device recovery
Embedded systems
Engines
Internet of Things
Monitoring
NIST
Recovery
Resilience
self-monitoring
trusted services
Online AccessGet full text

Cover

More Information
Summary:Recently, the number of publicized attacks on IoT devices has noticeably grown. This is in part due to the increasing deployment of embedded systems into various domains, including critical infrastructure, which makes them a valuable asset and a compromise can cause significant damages. In this case, it is often required to send an engineer to manually recover the devices, as the attack leaves them out of reach of standard remote management solutions. To avoid this costly process, the concept of cyber resilience has gained traction in recent years in both academia and industry. Its core idea is to enable compromised devices to recover themselves to a trusted state without human intervention. Initial guidelines and architectures to realize cyber resilience have been published by standardization entities like NIST and TCG, and in multiple academic article. While the initial works focused on guaranteed recovery, recent proposals included attack detection to speed up the recovery process. In this work, we build on top of these ideas and present an extended resilience architecture. We present new implementations of resilience engines with a focus on secure and reliable data acquisition for attack detection and classification. Our attack classification engine enables tailored, more efficient recovery responses.
ISSN:2168-6750
2168-6750
DOI:10.1109/TETC.2022.3231692