Visible to the public ForeSee: A Cross-Layer Vulnerability Detection Framework for the Internet of Things

TitleForeSee: A Cross-Layer Vulnerability Detection Framework for the Internet of Things
Publication TypeConference Paper
Year of Publication2019
AuthorsFang, Zheng, Fu, Hao, Gu, Tianbo, Qian, Zhiyun, Jaeger, Trent, Mohapatra, Prasant
Conference Name2019 IEEE 16th International Conference on Mobile Ad Hoc and Sensor Systems (MASS)
Keywordsattack graph, catastrophic accidents, composability, corresponding graph-based analysis, Cross Layer Security, cross-layer formal framework, cross-layer vulnerability detection framework, cyber security, decision making, design flaws, device firmware, firmware, ForeSee, graph theory, high-level decision-making processes, Internet of Things, Internet of Things (IoT), Internet-of-Things devices, Intrusion detection, IoT devices, IoT privacy, IoT security, IoT systems, long sequence, low-level physical surroundings, model checking, Multiple layer, multiple layers, network protocols, physical environment, potential attack paths, Protocols, pubcrawl, Resiliency, security issues, security of data, severe threats, system configurations, vulnerability analysis, vulnerability detection
AbstractThe exponential growth of Internet-of-Things (IoT) devices not only brings convenience but also poses numerous challenging safety and security issues. IoT devices are distributed, highly heterogeneous, and more importantly, directly interact with the physical environment. In IoT systems, the bugs in device firmware, the defects in network protocols, and the design flaws in system configurations all may lead to catastrophic accidents, causing severe threats to people's lives and properties. The challenge gets even more escalated as the possible attacks may be chained together in a long sequence across multiple layers, rendering the current vulnerability analysis inapplicable. In this paper, we present ForeSee, a cross-layer formal framework to comprehensively unveil the vulnerabilities in IoT systems. ForeSee generates a novel attack graph that depicts all of the essential components in IoT, from low-level physical surroundings to high-level decision-making processes. The corresponding graph-based analysis then enables ForeSee to precisely capture potential attack paths. An optimization algorithm is further introduced to reduce the computational complexity of our analysis. The illustrative case studies show that our multilayer modeling can capture threats ignored by the previous approaches.
Citation Keyfang_foresee_2019