MTD, Where Art Thou? A Systematic Review of Moving Target Defense Techniques for IoT

MTD, Where Art Thou? A Systematic Review of Moving Target Defense Techniques for IoT

Context: Internet-of-Things (IoT) systems are increasingly deployed in the real world, but their security lags behind the state of the art of non-IoT systems. Moving target defense (MTD) is a cyberdefense paradigm, successfully implemented in conventional systems, that could improve IoT security. Ob...

Full description

Saved in:
Bibliographic Details
Published in:IEEE internet of things journal Vol. 8; no. 10; pp. 7818 - 7832
Main Authors: Navas, Renzo E., Cuppens, Frederic, Boulahia Cuppens, Nora, Toutain, Laurent, Papadopoulos, Georgios Z.
Format: Journal Article
Language:English
Published: Piscataway IEEE 15-05-2021
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects:
Bibliographies
Computer Science
Cryptography and Security
Cyber security
Cybersecurity
Entropy
Entropy (Information theory)
Feasibility
Foundations
Internet of Things
Internet of Things (IoT)
Literature reviews
Measurement
metrics
moving target defense (MTD)
Moving targets
Networking and Internet Architecture
Proposals
Security
systematic literature review
Systematics
Taxonomy
Measurement
Moving Target Defense
Metrics
Systematics
Cyber Security
Bibliographies
Taxonomy
Systematic Literature Review
Entropy
Internet of Things
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Context: Internet-of-Things (IoT) systems are increasingly deployed in the real world, but their security lags behind the state of the art of non-IoT systems. Moving target defense (MTD) is a cyberdefense paradigm, successfully implemented in conventional systems, that could improve IoT security. Objective: Identify and synthesize existing MTD techniques for IoT and validate the feasibility of MTD as a cybersecurity paradigm suitable for IoT systems. Method: We use a systematic literature review method to search and analyze existing MTD for IoT techniques up to July 2020. We evaluated the existing techniques in terms of security foundations and real-world deployability using the evidence they provide. We define and use entropy-related metrics to categorize them. This is the first MTD survey to use Shannon's entropy metric empirically. Results: Thirty-two distinct MTD for IoT techniques exist: 54% are Network-layer-based, 50% present strong evidence about their real-world deployment, and 64% have weak security foundations. Conclusion: MTD for IoT is a feasible cyberdefense approach. A variety of proposals exist, with evidence about their implementation and evaluation. Nevertheless, the MTD for IoT state of the art is still immature: the security foundations of most existing proposals are weak. Novel techniques should prioritize providing convincing security foundations and real-world deployment evidence.
ISSN:2327-4662
2372-2541
2327-4662
DOI:10.1109/JIOT.2020.3040358