Contribution Details

Type Bachelor's Thesis
Scope Discipline-based scholarship
Title Design and Implementation of an MTD Strategy Selection Agent using IoT Platform Metrics
Organization Unit
Authors
  • Nicolas Huber
Supervisors
  • Burkhard Stiller
  • Alberto Huertas Celdran
  • Jan Von der Assen
Language
  • English
Institution University of Zurich
Faculty Faculty of Business, Economics and Informatics
Date 2022
Abstract Text IoT technologies have experienced a continuous upswing in recent years, resulting in countless types of networked devices. With the flourishing of these technologies, and especially the use of IoT sensors, daily life has been improved in many ways and new opportunities have emerged, such as the IoT crowdsensing platform ElectroSense. The fact that these resource-constrained devices are vulnerable to cyberattacks raises the question of how to provide a suitable and reliable security system. The MTD paradigm suggests deploying specific defense mechanisms to mitigate the damage caused by malicious software. For the actual decision process, i.e., under which circumstances a corresponding countermeasure is triggered, complex technologies such as machine learning, game theory, or evolutionary algorithms are often used, based on non-system metrics. This work contributes to the research by proposing an MTD Strategy Selection Agent, StraSelA, that makes decisions using a simple set of rules, also called a policy, based on system metrics. For this purpose, seven malware samples from Command and Control, Ransomware, and Rootkit, as well as an ElectroSense remote sensor running on a Raspberry Pi 4, were considered. The underlying metrics were initially defined in systematic literature research about malware. Subsequently, the device behavior was recorded, and specific rules for executing defense measures were created through data analysis of the individual metrics and then experimentally fine-tuned. The architecture of StraSelA was defined and then implemented so that the software, together with the synthesized policy database on the IoT device, can firstly detect any malware that occurs and secondly trigger a suitable countermeasure accordingly. After evaluating various metrics, such as detection rate and overhead, it was shown that StraSelA could protect a system from attackers with a simple and resource-efficient decision-making process based on system metrics. Thus, the added value coming from the simple strategy selection algorithm of StraSelA is confirmed. Finally, all data sets used during the policy synthesis and evaluation are freely available for further research.