IoTSecSim: A framework for modelling and simulation of security in Internet of things
File version
Version of Record (VoR)
Author(s)
Ge, M
Bai, G
Kim, DD
Griffith University Author(s)
Primary Supervisor
Other Supervisors
Editor(s)
Date
Size
File type(s)
Location
Abstract
The proliferation of the Internet of Things (IoT) devices has provided attackers with tremendous opportunities to launch various cyber-attacks. It has been challenging to analyse the impact of cyber-attacks and evaluate the effectiveness of defences in real IoT environments due to the scale and heterogeneity of IoT networks. In this work, we propose a novel simulation framework and a software tool, IoT Security Simulator (IoTSecSim). IoTSecSim is operated based on a framework we propose for modelling and simulating cyber-attacks and various defences in IoT networks. IoTSecSim is not only able to support the creation of an IoT network with flexible settings of IoT devices and topology information but also models the attack behaviours, node-level, and network-level defences. Moreover, a systematic security evaluation can be performed by comparing the results based on the calculation of security metrics. We perform simulations with case studies on Mirai malware and its variants to model cyber-attack behaviours on IoT networks and evaluate the impact of these attacks and the effectiveness of defence techniques via IoTSecSim. Then, we carry out a sensitivity analysis to justify that the simulation results produced by IoTSecSim are accurate and feasible when compared with related works. We also perform a comparative performance analysis with four combinations of cyber-attack behaviours and show that these behaviours can influence IoT malware propagation in different situations. We consider multiple attacker models and deploy conventional defence techniques (including firewall, intrusion detection, and vulnerability patching) to investigate the effectiveness of defence techniques. IoTSecSim provides a generalised and extensible simulation framework that enables users to model emerging cyber-attacks against IoT networks and evaluate the effectiveness of defences against these attacks. This helps users focus on the design and performance evaluation of new defences before the actual implementation and deployment of the defences are required.
Journal Title
Computers and Security
Conference Title
Book Title
Edition
Volume
136
Issue
Thesis Type
Degree Program
School
Publisher link
Patent number
Funder(s)
Grant identifier(s)
Rights Statement
Rights Statement
© 2023 The Author(s). Published by Elsevier Ltd. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/).
Item Access Status
Note
This publication has been entered in Griffith Research Online as an advance online version.
Access the data
Related item(s)
Subject
Persistent link to this record
Citation
Chee, KO; Ge, M; Bai, G; Kim, DD, IoTSecSim: A framework for modelling and simulation of security in Internet of things, Computers and Security, 2024, 136, pp. 103534