ABSTRACT:

Modern Internet of Things (IoT)-assisted networks deploy many critical computing devices at the edge of the network to mitigate the bottlenecks of network latency and bandwidth outage. Such computing devices have become attractive targets for attackers, as they derive critical insights that can often regulate the underlying industrial processes. Security administrators have to analyze vulnerable configurations and evaluate feasible hardening options to secure such systems. In this article, we investigate the security threats to edge devices in IoT-assisted networks that arise from the inherent vulnerabilities present in the IoT devices, and formulate a novel graphical security model to conduct vulnerability-based risk assessment in such networks. We further propose a set of combinatorial optimization techniques for security hardening. For securing the target devices, we propose a randomized algorithm to enforce isolation of potential target devices from the attackers. The algorithm produces the least number of vulnerabilities whose removal protects the targets. For densely connected networks, we propose another algorithm to identify a minimal set of vulnerabilities to be hardened so as to keep potential targets below admissible levels of risk. The approach includes the formulation of an integer linear program, which is relaxed so that it can be solved in polynomial time, followed by a round-off technique to find the actual solution.

COMBINATORIAL ANALYSIS FOR SECURING IOT-ASSISTED INDUSTRY 4.0 APPLICATIONS FROM VULNERABILITY-BASED ATTACKS