Skip navigation

CROSS: a framework for cyber risk optimisation in smart homes

CROSS: a framework for cyber risk optimisation in smart homes

Zhang, Yunxiao, Malacaria, Pasquale, Loukas, George ORCID: 0000-0003-3559-5182 and Panaousis, Emmanouil ORCID: 0000-0001-7306-4062 (2023) CROSS: a framework for cyber risk optimisation in smart homes. Computers and Security, 130:103250. pp. 1-15. ISSN 0167-4048 (doi:https://doi.org/10.1016/j.cose.2023.103250)

[img]
Preview
PDF (AAM)
41498_PANAOUSIS_CROSS_A_framework_for_Cyber_Risk_Optimisation.pdf - Accepted Version
Available under License Creative Commons Attribution.

Download (1MB) | Preview

Abstract

This work introduces a decision support framework, called Cyber Risk Optimiser for Smart homeS (CROSS), which advises both smart home users and smart home service providers on how to select an optimal portfolio of cyber security controls to counteract cyber attacks in a smart home including traditional cyber attacks and adversarial machine learning attacks. CROSS is based on a multi-objective bi-level two-stage optimisation. In stage-one optimisation, the problem is modelled as a multi-leader-follower game that considers both security and economic objectives, where the provider selects a security portfolio to protect both itself and its users, while rational attackers target the weakest path. Stage-two optimisation is a Stackelberg security game that focuses on additional user security controls under the remit of smart home users. While CROSS can potentially be applied to other similar use cases, in this paper, our aim is to address threats against artificial intelligence (AI) applications as the use of AI in smart Internet of Things (IoT) devices introduces new cyber threats to home environments. Specifically, we have implemented and assessed CROSS in a smart heating use case in a prototypical AI-enabled IoT environment that combines characteristics and vulnerabilities currently present on existing commercial off-the-shelf (COTS) devices, demonstrating the selection of optimal decisions.

Item Type: Article
Uncontrolled Keywords: smart home security; mathematical optimisation; security controls; IoT; artificial intelligence
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Q Science > QA Mathematics > QA76 Computer software
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science
Faculty of Engineering & Science > Internet of Things and Security Research Centre (ISEC)
Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Last Modified: 05 Jul 2023 14:18
URI: http://gala.gre.ac.uk/id/eprint/41498

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics