research-article

Survivability Analysis of IoT Systems Under Resource Exhausting Attacks

Authors:

Roberto Pietrantuono,

Francesco PalmieriAuthors Info & Claims

IEEE Transactions on Information Forensics and Security, Volume 18

Pages 3277 - 3288

https://doi.org/10.1109/TIFS.2023.3278449

Published: 01 January 2023 Publication History

Abstract

Essential services in an Internet of Things (IoT)-based critical system should be continuously provided even when undesirable events like failures, attacks, and emergencies happen. In this work, we analyze the system’s ability to survive failures that are caused by resource exhaustion attacks. Such ability to survive means that the system’s services should be provided in compliance with the associated requirements also in presence of failures and other undesired events. Accordingly, we present a hybrid method (i.e., measurements- and model-based) to assess the expected survivability of an IoT system under resource-exhaustion attacks and, based on it, to optimize the preventive maintenance trigger period that maximizes survivability and minimizes the expected downtime cost. A realistic case study is implemented to emulate an IoT scenario and used to estimate the extent of resource consumption at each layer of the IoT stack when the system is subject to a resource-exhaustion attack. A semi-Markov process is then adopted to model the transient behavior of the system during an intrusion. The model is enriched with an additional state that represents a proactive recovery, in which the system is not available for a maintenance action aimed at preventing failure. The model solution gives the optimal maintenance triggering time.

References

[1]

IoT Security Issues in 2022: A Bus. Perspective. Accessed: 2022. [Online]. Available: https://www.thalesgroup.com/en/markets/digital-identity-and-security/iot/magazine/internet-threats

[2]

A. Altaf, H. Abbas, F. Iqbal, M. Z. M. M. Khan, and M. Daneshmand, “Robust, secure, and adaptive trust-oriented service selection in IoT-based smart buildings,” IEEE Internet Things J., vol. 8, no. 9, pp. 7497–7505, Dec. 2021.

[3]

G. Liang, J. Zhao, F. Luo, S. R. Weller, and Z. Y. Dong, “A review of false data injection attacks against modern power systems,” IEEE Trans. Smart Grid, vol. 8, no. 4, pp. 1630–1638, Jul. 2017.

[4]

P. Derler, E. A. Lee, and A. S. Vincentelli, “Modeling cyber-physical systems,” Proc. IEEE, vol. 100, no. 1, pp. 13–28, Jan. 2012.

[5]

Z. S. Ma, “A unified definition for reliability, survivability and resilience inspired by the handicap principle and ecological stability,” J. Crit. Infrastruct., vol. 8, no. 2, pp. 242–272, 2012.

[6]

P. E. Heegaard and K. S. Trivedi, “Network survivability modeling,” Comput. Netw., vol. 53, no. 8, pp. 1215–1234, Jun. 2009.

Digital Library

[7]

M. Woodard, K. Marashi, S. S. Sarvestani, and A. R. Hurson, “Survivability evaluation and importance analysis for cyber-physical smart grids,” Rel. Engin. Syst. Saf., vol. 201, Jun. 2021, Art. no.

[8]

J. Zhao, G. Zhang, M. L. Scala, Z. Y. Dong, C. Chen, and J. Wang, “Short-term state forecasting-aided method for detection of smart grid general false data injection attacks,” IEEE Trans. Smart Grid, vol. 8, no. 4, pp. 1580–1590, Jul. 2017.

[9]

N. Živkovic and A. T. Saric, “Detection of false data injection attacks using unscented Kalman filter,” J. Modern Power Syst. Clean Energy, vol. 6, no. 5, pp. 847–859, Sep. 2018.

[10]

X. Liang, Y. Wu, M. Ni, and M. Li, “Survivability index and evaluation framework for cyber physical power systems,” in Proc. 12th IEEE PES Asia–Pacific Power Energy Eng. Conf. (APPEEC), Sep. 2020, pp. 1–5.

[11]

A. K. Srivastava, T. A. Ernster, R. Liu, and V. G. Krishnan, “Graph-theoretic algorithms for cyber-physical vulnerability analysis of power grid with incomplete information,” J. Modern Power Syst. Clean Energy, vol. 6, no. 5, pp. 887–899, Sep. 2018.

[12]

S. Huang, H. Zhang, J. Wang, and J. Huang, “Markov differential game for network defense decision-making method,” IEEE Access, vol. 6, pp. 39621–39634, 2018.

[13]

H. B. Mann, “Nonparametric tests against trend,” Econometrica, J. Econ. Soc., vol. 13, no. 3, pp. 245–259, 1945.

[14]

P. K. Sen, “Estimates of the regression coefficient based on Kendall’s tau,” J. Amer. Stat. Assoc., vol. 63, no. 324, pp. 1379–1389, Dec. 1968.

[15]

B. Di Martino, M. Rak, M. Ficco, A. Esposito, S. A. Maisto, and S. Nacchia, “Internet of Things reference architectures, security and interoperability: A survey,” Internet Things, vols. 1–2, pp. 99–112, Sep. 2018.

[16]

E. Borgia, “The Internet of Things vision: Key features, applications and open issues,” Comput. Commun., vol. 54, pp. 1–31, Dec. 2014.

Digital Library

[17]

M. Weyrich and C. Ebert, “Reference architectures for the Internet of Things,” IEEE Softw., vol. 33, no. 1, pp. 112–116, Jan. 2016.

Digital Library

[18]

IoT Joint Reference Architecture From Intel and SAP. Accessed: Mar. 2021. [Online]. Available: https://www.intel.com/content/dam/www/public/us/en/documents/reference-architectures/sap-iot-reference-architecture.pdf

[19]

Recommendation Y.2060: Overview of the Internet of Things. Accessed: Mar. 2021. [Online]. Available: https://www.itu.int/rec/T-REC-Y.2060-201206-I

[20]

Internet of Things (IoT) Reference Architecture, document ISO/IEC 30141, 2018. [Online]. Available: https://www.iso.org/standard/65695.html

[21]

M. Ficco and M. Rak, “Stealthy denial of service strategy in cloud computing,” IEEE Trans. Cloud Comput., vol. 3, no. 1, pp. 80–94, Jan. 2015.

[22]

M. Ficco, “Could emerging fraudulent energy consumption attacks make the cloud infrastructure costs unsustainable?” Inf. Sci., vol. 476, pp. 474–490, Feb. 2019.

[23]

E. Y. Vasserman and N. Hopper, “Vampire attacks: Draining life from wireless ad hoc sensor networks,” IEEE Trans. Mobile Comput., vol. 12, no. 2, pp. 318–332, Feb. 2013.

Digital Library

[24]

C. Hsueh, C. Wen, and Y. Ouyang, “A secure scheme against power exhausting attacks in hierarchical wireless sensor networks,” IEEE Sensors J., vol. 15, no. 6, pp. 3590–3602, Jun. 2015.

[25]

C. Dogan, S. Yilmaz, and S. Sen, “Analysis of RPL objective functions with security perspective,” in Proc. 11th Int. Conf. Sensor Netw., 2022, pp. 71–80.

[26]

H. Kim, K. G. Shin, and P. Pillai, “MODELZ: Monitoring, detection, and analysis of energy-greedy anomalies in mobile handsets,” IEEE Trans. Mobile Comput., vol. 10, no. 7, pp. 968–981, Jul. 2011.

Digital Library

[27]

V. Shakhov and I. Koo, “Depletion-of-battery attack: Specificity, modelling and analysis,” Sensors, vol. 18, no. 1849, pp. 1–20, 2018.

[28]

D. Raymond, R. Marchany, R. Brownfield, and R. Midkiff, “Effects of denial of sleep attacks on wireless sensor network MAC protocols,” IEEE Trans. Veh. Technol., vol. 58, no. 1, pp. 367–380, Jan. 2009.

[29]

J. C. Knight and K. J. Sullivan, “On the definition of survivability,” Dept. Comput. Sci., Univ. Virginia, Richmond, VA, USA, Tech. Rep. CS-TR-33-00, 2000.

[30]

“Enhanced network survivability performance,” ANSI T1A1.2 Working Group Netw. Survivability Perform., ANSI, Washington, DC, USA, Tech. Rep. TR No. 68, Feb. 2001.

[31]

S. Hosseini, K. Barker, and J. E. Ramirez-Marquez, “A review of definitions and measures of system resilience,” Rel. Eng. Syst. Saf., vol. 145, pp. 47–61, Jan. 2016.

[32]

S. A. M. Saleh and M. R. Chowdhury, “Survivability analysis of impacts of load-side activities on power systems,” IEEE Trans. Ind. Appl., vol. 58, no. 2, pp. 1869–1878, Mar. 2022.

[33]

L. Jin, G. Zhang, J. Wang, H. Zhu, and W. Duan, “Quantitative survivability analysis using probability model checking: A study of cluster-based vehicle networks with dual cluster heads,” China Commun., vol. 17, no. 2, pp. 206–219, Feb. 2020.

[34]

Q. A. Al-Haija and S. Brahma, “Optimization of cyber system survivability under attacks using redundancy of components,” in Proc. 53rd Annu. Conf. Inf. Sci. Syst. (CISS), Mar. 2019, pp. 1–6.

[35]

Y. Wu, H. Xu, and M. Ni, “Defensive resource allocation method for improving survivability of communication and information system in CPPS against cyber-attacks,” J. Modern Power Syst. Clean Energy, vol. 8, no. 4, pp. 750–759, Jul. 2020.

[36]

B. J. Mohd and T. Hayajneh, “Lightweight block ciphers for IoT: Energy optimization and survivability techniques,” IEEE Access, vol. 6, pp. 35966–35978, 2018.

[37]

M. Elappila, S. Chinara, and D. R. Parhi, “Survivability aware channel allocation in WSN for IoT applications,” Pervas. Mobile Comput., vol. 61, pp. 1–20, Jun. 2020.

[38]

Hulk-HTTP DoS Attack Tool. Accessed: Jun. 2020. [Online]. Available: https://github.com/grafov/hulk

[39]

Sockstress TCP DoS Attack Tool. Accessed: Feb. 2020. [Online]. Available: https://github.com/defuse/sockstress

[40]

Hping3 Network Flood DDoS. Accessed: Mar. 2021. [Online]. Available: https://linuxhint.com/hping3/

[41]

SlowHTTPtest Slow HTTP POST DoS Attack Tool. Accessed: Mar. 2020. [Online]. Available: https://tools.kali.org/stress-testing/slowhttptest

[42]

LOIC TCP/UDP DoS Attack Tool. Accessed: Mar. 2020. [Online]. Available: https://sourceforge.net/projects/loic/

[43]

Hydra SSH Brute Force Attack Tool. Accessed: Apr. 2020. [Online]. Available: https://linuxconfig.org/ssh-password-testing-with-hydra-on-kali-linux

[44]

BoNeSi ICMP/HTTP DDoS Attack Tool. Accessed: 2020. [Online]. Available: https://github.com/Markus-Go/bonesi

[45]

BlueSmack Bluetooth Ping Flooding Attack Tool. Accessed: Feb. 2020. [Online]. Available: https://www.bluejackingtools.com/unix/bluesmack/

[46]

Bluper Bluetooth File Transfer. Accessed: Feb. 2020. [Online]. Available: https://downloadcenter.intel.com/it/download/30326?v=t

[47]

Wificurse WiFi Jamming Attack Tool. Accessed: 2020. [Online]. Available: https://github.com/oblique/wificurse

[48]

D. Cotroneo, R. Natella, R. Pietrantuono, and S. Russo, “A survey of software aging and rejuvenation studies,” ACM J. Emerg. Technol. Comput. Syst., vol. 10, no. 1, pp. 1–34, Jan. 2014.

Digital Library

[49]

M. Telek, A. Pfening, and G. Fodor, “An effective numerical method to compute the moments of the completion time of Markov reward models,” Comput. Math. Appl., vol. 36, no. 8, pp. 59–65, 1998.

[50]

S. Garg, A. Puliafito, M. Telek, and K. Trivedi, “Analysis of preventive maintenance in transactions based software systems,” IEEE Trans. Comput., vol. 47, no. 1, pp. 96–107, Jan. 1998.

Digital Library

[51]

K. Vaidyanathan and K. S. Trivedi, “A comprehensive model for software rejuvenation,” IEEE Trans. Depend. Secure Comput., vol. 2, no. 2, pp. 124–137, Feb. 2005.

Digital Library

[52]

K. S. Trivedi, Probability and Statistics, With Reliability, Queuing and Computer Science Applications, 2nd ed. Hoboken, NJ, USA: Wiley, 2001.

Digital Library

Cited By

Fusco PRimoli GFicco M(2024)TinyIDS - An IoT Intrusion Detection System by Tiny Machine LearningComputational Science and Its Applications – ICCSA 2024 Workshops10.1007/978-3-031-65223-3_5(71-82)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1007/978-3-031-65223-3_5
Rajesh Babu GSharma V(2023)RTIFQLD: An Integrated Framework for RealTime IoT Forensic Analysis via Incremental QLearning Modelled with Resource Aware DQN OperationsProceedings of the 5th International Conference on Information Management & Machine Intelligence10.1145/3647444.3647897(1-12)Online publication date: 23-Nov-2023
https://dl.acm.org/doi/10.1145/3647444.3647897
Chochliouros IPages-Montanera EAlcázar-Fernández AZahariadis TVelivassaki TSkianis CRossini RBelesioti MDrosos NBakiris EPedholla PKarkazis PSamal AContreras Murillo LDel Río ASerrano JSkias DSegou OWaechter S(2023)NEMO: Building the Next Generation Meta Operating SystemProceedings of the 3rd Eclipse Security, AI, Architecture and Modelling Conference on Cloud to Edge Continuum10.1145/3624486.3624504(1-9)Online publication date: 17-Oct-2023
https://dl.acm.org/doi/10.1145/3624486.3624504

Recommendations

Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines

The Internet has become essential to all aspects of modern life, and thus the consequences of network disruption have become increasingly severe. It is widely recognised that the Internet is not sufficiently resilient, survivable, and dependable, and ...
SAD-IoT: Security Analysis of DDoS Attacks in IoT Networks
Abstract
Internet of Things is one of the most versatile technologies in existence today. It has taken over our day to day activities and thus has many applications that are designed to make life easier and simpler. Partly because IoT is new, it is replete ...
Survivability analysis of networked systems
ICSE '01: Proceedings of the 23rd International Conference on Software Engineering

Survivability is the ability of a system to continue operating despite the presence of abnormal events such as failures and intrusions. Ensuring system survivability has increased in importance as critical infrastructures have become heavily dependent ...

Comments

Information & Contributors

Information

Published In

cover image IEEE Transactions on Information Forensics and Security

IEEE Transactions on Information Forensics and Security Volume 18, Issue

2023

4507 pages

ISSN:1556-6013

Issue’s Table of Contents

1556-6021 © 2023 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See https://www.ieee.org/publications/rights/index.html for more information.

Publisher

IEEE Press

Publication History

Published: 01 January 2023

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 06 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Fusco PRimoli GFicco M(2024)TinyIDS - An IoT Intrusion Detection System by Tiny Machine LearningComputational Science and Its Applications – ICCSA 2024 Workshops10.1007/978-3-031-65223-3_5(71-82)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1007/978-3-031-65223-3_5
Rajesh Babu GSharma V(2023)RTIFQLD: An Integrated Framework for RealTime IoT Forensic Analysis via Incremental QLearning Modelled with Resource Aware DQN OperationsProceedings of the 5th International Conference on Information Management & Machine Intelligence10.1145/3647444.3647897(1-12)Online publication date: 23-Nov-2023
https://dl.acm.org/doi/10.1145/3647444.3647897
Chochliouros IPages-Montanera EAlcázar-Fernández AZahariadis TVelivassaki TSkianis CRossini RBelesioti MDrosos NBakiris EPedholla PKarkazis PSamal AContreras Murillo LDel Río ASerrano JSkias DSegou OWaechter S(2023)NEMO: Building the Next Generation Meta Operating SystemProceedings of the 3rd Eclipse Security, AI, Architecture and Modelling Conference on Cloud to Edge Continuum10.1145/3624486.3624504(1-9)Online publication date: 17-Oct-2023
https://dl.acm.org/doi/10.1145/3624486.3624504

View Options

View options

Media

Figures

Other

Tables

View Issue’s Table of Contents