Risk Assessment in a Sensor Cloud Framework using Attack Graphs
A sensor cloud consists of various heterogeneous wireless sensor networks (WSNs). These WSNs may have different owners and run a wide variety of user applications on demand in a wireless communication medium. Hence, they are susceptible to various security attacks. Thus, a need exists to formulate effective and efficient security measures that safeguard these applications impacted from attack in the sensor cloud. However, analyzing the impact of different attacks and their cause-consequence relationship is a prerequisite before security measures can be either developed or deployed. In this paper, we propose a risk assessment framework for WSNs in a sensor cloud that utilizes attack graphs. We use Bayesian networks to not only assess but also to analyze attacks on WSNs. The risk assessment framework will first review the impact of attacks on a WSN and estimate reasonable time frames that predict the degradation of WSN security parameters like confidentiality, integrity and availability. Using our proposed risk assessment framework allows the security administrator to better understand the threats present and take necessary actions against them. The framework is validated by comparing the assessment results with that of the results obtained from different simulated attack scenarios.
A. Sen and S. K. Madria, "Risk Assessment in a Sensor Cloud Framework using Attack Graphs," IEEE Transactions on Services Computing (TSC), vol. 10, pp. 942-955, Institute of Electrical and Electronics Engineers (IEEE), Nov 2017.
The definitive version is available at https://doi.org/10.1109/TSC.2016.2544307
Intelligent Systems Center
Keywords and Phrases
Wireless Sensor Networks; Security; Risk Management; Cloud Computing; Clouds; Bayes Methods; Estimation; Attack Graphs; Security; Risk Assessment; Sensor Clouds; Wireless Sensor Networks; Bayesian Networks
International Standard Serial Number (ISSN)
Article - Journal
© 2017 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.