Towards Automation of Vulnerability and Exploitation Identification in IIoT Networks

Since Industrial Internet of Things (IIoT) networks comprise heterogeneous manufacturing and technological devices and services, discovering previously unknown vulnerabilities and their exploitation vectors (a process known as Penetration Testing, or PT) is arduous and risk-prone. PT across IIoT networks requires system administrators to try multiple, often bespoke, commercial tools for testing vulnerable network nodes, platforms, and software. In this paper, we propose a new testbed IIoT environment involving multiple vulnerable platforms connected to IIoT sensors and IoT gateways for designing automated vulnerability and exploitation identification techniques based on analyzing network flows. We use a particle filter technique to estimate vulnerability and exploitation behaviors in terms of posterior probabilities. The proposed model is better than traditional artificial planning algorithms, which consume significant computational resources and demand termination criteria. The proposed testbed IIoT environment can be shared with other like-minded researchers to facilitate future evaluations.
