Evaluating the Security of IoT Networks with Mobile Devices

Abstract

The Internet of Things (IoT) is a network comprised of heterogeneous devices that can exchange data without requiring human-to-human or human-to-computer interactions. However, there are various vulnerabilities found due to the heterogeneity of the IoT network. Moreover, the mobility of IoT devices causes potential dynamic changes to the attack surfaces of IoT networks. As a result, static network security analysis approaches cannot capture these changes. In order to address this problem, we present an IoT security assessment approach by modelling different movement patterns of mobile IoT devices. Graphical security models are used in conjunction to evaluate the security of the IoT networks taking into account the mobility of the IoT devices. Further, we use various security metrics to analyze the security of the network to show the changing security posture when mobility is taken into account. The feasibility of the proposed approach is demonstrated by analyzing the security of an example mobile IoT network using three existing synthetic mobility models: Random Waypoint, Gauss-Markov and Reference Point Group. The experimental analysis shows the changing attack surface of the IoT networks when mobile devices are considered.